CVE-2019-18801

Name of the Vulnerable Software and Affected Versions Envoy version 1.12.0

Description An issue allows an untrusted remote client to send HTTP/2 requests that can write to the heap outside of the request buffers when the upstream is HTTP/1. This can lead to corruption of nearby heap contents or bypass Envoy's access control mechanisms, such as path-based routing. An attacker may also modify requests from other users that are proximal in time and space.

Recommendations For Envoy version 1.12.0, consider disabling HTTP/2 support until a patch is available to prevent exploitation. Restrict access to sensitive paths and resources to minimize the risk of access control bypass. As a temporary workaround, monitor and limit proximal requests to reduce the risk of request modification. At the moment, there is no information about a newer version that contains a fix for this vulnerability.