PT-2019-15674 · Envoy+1

Alyssa Wilk · Published 2019-12-13 · Updated 2024-11-13 · CVE-2019-18802

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Envoy version 1.12.0

Description: An issue was discovered where an untrusted remote client can send an HTTP header, such as the Host header, with whitespace after the header content. This allows the client to bypass matchers, for example, by sending a Host header with a value of "example.com " to bypass an "example.com" matcher.

Recommendations: For Envoy version 1.12.0, as a temporary workaround, consider restricting the use of HTTP headers with whitespace after the header content until a patch is available.
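The matcher bypass described above, as an added illustration that is neither Envoy's code nor part of the advisory: an exact match on the raw Host value beside a matcher that strips RFC 7230 optional whitespace (SP and HTAB) before comparing, plus a detection hook that flags values carrying trailing whitespace. The header lines are constructed samples.

```python
# Added illustration for CVE-2019-18802 (not Envoy code): a header value with trailing
# whitespace slips past an exact-match rule unless the value is normalized first.

OWS = " \t"  # RFC 7230 optional whitespace: SP and HTAB


def parse_header_line(line: str) -> tuple[str, str]:
    """Split 'Name: value', dropping leading OWS but keeping trailing OWS as received."""
    name, _, value = line.partition(":")
    return name.strip().lower(), value.lstrip(OWS)


def naive_host_matches(raw_value: str, expected: str) -> bool:
    """Vulnerable pattern: compares the raw value, so 'example.com ' != 'example.com'."""
    return raw_value == expected


def normalize_field_value(raw_value: str) -> str:
    """Strip leading and trailing OWS, as RFC 7230 section 3.2.4 allows a recipient to do."""
    return raw_value.strip(OWS)


def hardened_host_matches(raw_value: str, expected: str) -> bool:
    """Fixed pattern: match on the normalized value."""
    return normalize_field_value(raw_value) == expected


def has_trailing_ows(raw_value: str) -> bool:
    """Detection hook: flag a field value that ends in SP or HTAB."""
    return raw_value != raw_value.rstrip(OWS)


# Constructed sample header lines; the last two carry the trailing whitespace from the advisory.
CONSTRUCTED_HEADERS = ["Host: example.com", "Host: example.com ", "Host: example.com\t"]


def evaluate(lines, expected="example.com"):
    """Return (naive_match, hardened_match, flagged) for each header line."""
    results = []
    for line in lines:
        _, value = parse_header_line(line)
        results.append((naive_host_matches(value, expected),
                        hardened_host_matches(value, expected),
                        has_trailing_ows(value)))
    return results


for line, r in zip(CONSTRUCTED_HEADERS, evaluate(CONSTRUCTED_HEADERS)):
    print(f"{line!r}: naive={r[0]} hardened={r[1]} flagged={r[2]}")
```

Only the first line matches the naive rule; the hardened rule matches all three, and the detection hook flags the two that a deployment could log or reject per the workaround above.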


Related Identifiers

CVE-2019-18802
GHSA-356M-VHW2-WCM4
MGASA-2020-0147
OPENSUSE-SU-2020:0379-1
OPENSUSE-SU-2020_0379-1
OPENSUSE-SU-2021:0341-1
OPENSUSE-SU-2021_0341-1
OPENSUSE-SU-2024:14491-1
RHSA-2019:4222
SUSE-SU-2020:0722-1
SUSE-SU-2020_0722-1

Affected Products

Envoy
Suse