CVE-2019-18836

Published November 11th, 2019

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECTS

Description

Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continue_on_listener_filters_timeout is used."

istio/istio

Connect, secure, control, and observe services.

GitHub

38.2K

envoyproxy/envoy

Cloud-native high-performance edge/middle/service proxy

GitHub

28.3K