x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-12605 #2275
Labels
excluded: LEGACY_FALSE_POSITIVE
(DO NOT USE) Vulnerability marked as false positive before we introduced the triage process
CVE-2020-12605 references github.com/envoyproxy/envoy, which may be a Go module.
Description:
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs.
References:
Cross references:
See doc/triage.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: