Back to bug 1996946
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Mark Cooper | 2021-08-24 04:26:09 UTC | CC | security-response-team | |
| Mark Cooper | 2021-08-24 06:41:02 UTC | Doc Text | An uncontrolled resource consumption vulnerability was found in envoyproxy/envoy. When envoy handles a large number of HTTP/2 requests which open and then reset the connection, it can cause excessive CPU usage. An attacker could potentially use this to cause a denial of service on the proxy. | |
| RaTasha Tillery-Smith | 2021-08-24 12:59:22 UTC | Doc Text | An uncontrolled resource consumption vulnerability was found in envoyproxy/envoy. When envoy handles a large number of HTTP/2 requests which open and then reset the connection, it can cause excessive CPU usage. An attacker could potentially use this to cause a denial of service on the proxy. | An uncontrolled resource consumption vulnerability was found in envoyproxy/envoy. When envoy handles a large number of HTTP/2 requests which open and then reset the connection, it can cause excessive CPU usage. This flaw allows an attacker to cause a denial of service on the proxy. The highest threat from this vulnerability is to system availability. |
| Nick Tait | 2021-08-24 21:58:12 UTC | Deadline | 2021-08-24 | |
| Summary | EMBARGOED CVE-2021-32778 envoyproxy/envoy: excessive CPU usage when handling a large number of HTTP/2 requests | CVE-2021-32778 envoyproxy/envoy: excessive CPU usage when handling a large number of HTTP/2 requests | ||
| Group | qe_staff, security | |||
| Red Hat Bugzilla | 2021-10-15 11:51:11 UTC | CC | kconner | |
| Red Hat Bugzilla | 2023-07-07 08:28:02 UTC | CC | security-response-team | |
| Assignee | security-response-team | nobody |
Back to bug 1996946