Vulnerabilities > CVE-2023-35945 - Incomplete Cleanup vulnerability in multiple products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

envoyproxy

nghttp2

CWE-459

NVD

Published: 2023-07-13

Updated: 2023-10-24

Summary

Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy’s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAWAY` frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the `GOAWAY` frame skips de-allocation of the bookkeeping structure and pending compressed header. The error return [code path] is taken if connection is already marked for not sending more requests due to `GOAWAY` frame. The clean-up code is right after the return statement, causing memory leak. Denial of service through memory exhaustion. This vulnerability was patched in versions(s) 1.26.3, 1.25.8, 1.24.9, 1.23.11.

Vulnerable Configurations

Part	Description	Count
Application	Envoyproxy Envoyproxy Envoy 1.26.0 Envoyproxy Envoy 1.26.1 Envoyproxy Envoy 1.26.2 Envoyproxy Envoy 1.25.0 Envoyproxy Envoy 1.25.1 Envoyproxy Envoy 1.25.2 Envoyproxy Envoy 1.25.3 Envoyproxy Envoy 1.25.4 Envoyproxy Envoy 1.25.5 Envoyproxy Envoy 1.25.6 Envoyproxy Envoy 1.25.7 Envoyproxy Envoy 1.24.0 Envoyproxy Envoy 1.24.1 Envoyproxy Envoy 1.24.2 Envoyproxy Envoy 1.24.3 Envoyproxy Envoy 1.24.4 Envoyproxy Envoy 1.24.5 Envoyproxy Envoy 1.24.6 Envoyproxy Envoy 1.24.7 Envoyproxy Envoy 1.24.8 Envoyproxy Envoy 1.0.0 Envoyproxy Envoy 1.1.0 Envoyproxy Envoy 1.2.0 Envoyproxy Envoy 1.3.0 Envoyproxy Envoy 1.4.0 Envoyproxy Envoy 1.5.0 Envoyproxy Envoy 1.6.0 Envoyproxy Envoy 1.7.0 Envoyproxy Envoy 1.7.1 Envoyproxy Envoy 1.8.0 Envoyproxy Envoy 1.9.0 Envoyproxy Envoy 1.9.1 Envoyproxy Envoy 1.10.0 Envoyproxy Envoy 1.11.0 Envoyproxy Envoy 1.11.1 Envoyproxy Envoy 1.11.2 Envoyproxy Envoy 1.12.0 Envoyproxy Envoy 1.12.1 Envoyproxy Envoy 1.12.2 Envoyproxy Envoy 1.12.3 Envoyproxy Envoy 1.12.4 Envoyproxy Envoy 1.12.5 Envoyproxy Envoy 1.12.6 Envoyproxy Envoy 1.12.7 Envoyproxy Envoy 1.13.0 Envoyproxy Envoy 1.13.1 Envoyproxy Envoy 1.13.2 Envoyproxy Envoy 1.13.3 Envoyproxy Envoy 1.13.4 Envoyproxy Envoy 1.13.5 Envoyproxy Envoy 1.13.6 Envoyproxy Envoy 1.13.7 Envoyproxy Envoy 1.13.8 Envoyproxy Envoy 1.14.0 Envoyproxy Envoy 1.14.1 Envoyproxy Envoy 1.14.2 Envoyproxy Envoy 1.14.3 Envoyproxy Envoy 1.14.4 Envoyproxy Envoy 1.14.5 Envoyproxy Envoy 1.14.6 Envoyproxy Envoy 1.14.7 Envoyproxy Envoy 1.15.0 Envoyproxy Envoy 1.15.1 Envoyproxy Envoy 1.15.2 Envoyproxy Envoy 1.15.3 Envoyproxy Envoy 1.15.4 Envoyproxy Envoy 1.15.5 Envoyproxy Envoy 1.16.0 Envoyproxy Envoy 1.16.1 Envoyproxy Envoy 1.16.2 Envoyproxy Envoy 1.16.3 Envoyproxy Envoy 1.16.4 Envoyproxy Envoy 1.16.5 Envoyproxy Envoy 1.17.0 Envoyproxy Envoy 1.17.1 Envoyproxy Envoy 1.17.2 Envoyproxy Envoy 1.17.3 Envoyproxy Envoy 1.17.4 Envoyproxy Envoy 1.18.0 Envoyproxy Envoy 1.18.1 Envoyproxy Envoy 1.18.2 Envoyproxy Envoy 1.18.3 Envoyproxy Envoy 1.18.4 Envoyproxy Envoy 1.19.0 Envoyproxy Envoy 1.19.1 Envoyproxy Envoy 1.19.3 Envoyproxy Envoy 1.19.4 Envoyproxy Envoy 1.19.5 Envoyproxy Envoy 1.20.0 Envoyproxy Envoy 1.20.1 Envoyproxy Envoy 1.20.2 Envoyproxy Envoy 1.20.3 Envoyproxy Envoy 1.20.4 Envoyproxy Envoy 1.20.5 Envoyproxy Envoy 1.20.6 Envoyproxy Envoy 1.20.7 Envoyproxy Envoy 1.21.0 Envoyproxy Envoy 1.21.1 Envoyproxy Envoy 1.21.2 Envoyproxy Envoy 1.21.3 Envoyproxy Envoy 1.21.4 Envoyproxy Envoy 1.21.5 Envoyproxy Envoy 1.21.6 Envoyproxy Envoy 1.22.0 Envoyproxy Envoy 1.22.1 Envoyproxy Envoy 1.22.2 Envoyproxy Envoy 1.22.3 Envoyproxy Envoy 1.22.4 Envoyproxy Envoy 1.22.5 Envoyproxy Envoy 1.22.6 Envoyproxy Envoy 1.22.7 Envoyproxy Envoy 1.22.8 Envoyproxy Envoy 1.22.9 Envoyproxy Envoy 1.22.10 Envoyproxy Envoy 1.22.11 Envoyproxy Envoy 1.23.0 Envoyproxy Envoy 1.23.1 Envoyproxy Envoy 1.23.2 Envoyproxy Envoy 1.23.3 Envoyproxy Envoy 1.23.4 Envoyproxy Envoy 1.23.5 Envoyproxy Envoy 1.23.6 Envoyproxy Envoy 1.23.7 Envoyproxy Envoy 1.23.8 Envoyproxy Envoy 1.23.9 Envoyproxy Envoy 1.23.10	126
Application	Nghttp2 Nghttp2 Nghttp2 0.1.0 Nghttp2 Nghttp2 0.2.0 Nghttp2 Nghttp2 0.3.0 Nghttp2 Nghttp2 0.3.1 Nghttp2 Nghttp2 0.3.2 Nghttp2 Nghttp2 0.4.0 Nghttp2 Nghttp2 0.4.1 Nghttp2 Nghttp2 0.5.0 Nghttp2 Nghttp2 0.5.1 Nghttp2 Nghttp2 0.6.0 Nghttp2 Nghttp2 0.6.1 Nghttp2 Nghttp2 0.6.2 Nghttp2 Nghttp2 0.6.3 Nghttp2 Nghttp2 0.6.4 Nghttp2 Nghttp2 0.6.5 Nghttp2 Nghttp2 0.6.6 Nghttp2 Nghttp2 0.6.7 Nghttp2 Nghttp2 0.7.0 Nghttp2 Nghttp2 0.7.1 Nghttp2 Nghttp2 0.7.2 Nghttp2 Nghttp2 0.7.3 Nghttp2 Nghttp2 0.7.4 Nghttp2 Nghttp2 0.7.5 Nghttp2 Nghttp2 0.7.6 Nghttp2 Nghttp2 0.7.7 Nghttp2 Nghttp2 0.7.8 Nghttp2 Nghttp2 0.7.9 Nghttp2 Nghttp2 0.7.10 Nghttp2 Nghttp2 0.7.11 Nghttp2 Nghttp2 0.7.12 Nghttp2 Nghttp2 0.7.13 Nghttp2 Nghttp2 0.7.14 Nghttp2 Nghttp2 0.7.15 Nghttp2 Nghttp2 1.0.0 Nghttp2 Nghttp2 1.0.1 Nghttp2 Nghttp2 1.0.2 Nghttp2 Nghttp2 1.0.3 Nghttp2 Nghttp2 1.0.4 Nghttp2 Nghttp2 1.0.5 Nghttp2 Nghttp2 1.1.0 Nghttp2 Nghttp2 1.1.1 Nghttp2 Nghttp2 1.1.2 Nghttp2 Nghttp2 1.2.0 Nghttp2 Nghttp2 1.2.1 Nghttp2 Nghttp2 1.3.0 Nghttp2 Nghttp2 1.3.1 Nghttp2 Nghttp2 1.3.2 Nghttp2 Nghttp2 1.3.3 Nghttp2 Nghttp2 1.3.4 Nghttp2 Nghttp2 1.4.0 Nghttp2 Nghttp2 1.5.0 Nghttp2 Nghttp2 1.6.0 Nghttp2 Nghttp2 1.7.0 Nghttp2 Nghttp2 1.7.1 Nghttp2 Nghttp2 1.8.0 Nghttp2 Nghttp2 1.9.0 Nghttp2 Nghttp2 1.9.1 Nghttp2 Nghttp2 1.9.2 Nghttp2 Nghttp2 1.10.0 Nghttp2 Nghttp2 1.11.0 Nghttp2 Nghttp2 1.11.1 Nghttp2 Nghttp2 1.12.0 Nghttp2 Nghttp2 1.13.0 Nghttp2 Nghttp2 1.14.0 Nghttp2 Nghttp2 1.14.1 Nghttp2 Nghttp2 1.15.0 Nghttp2 Nghttp2 1.16.0 Nghttp2 Nghttp2 1.16.1 Nghttp2 Nghttp2 1.17.0 Nghttp2 Nghttp2 1.18.0 Nghttp2 Nghttp2 1.18.1 Nghttp2 Nghttp2 1.19.0 Nghttp2 Nghttp2 1.20.0 Nghttp2 Nghttp2 1.21.0 Nghttp2 Nghttp2 1.21.1 Nghttp2 Nghttp2 1.22.0 Nghttp2 Nghttp2 1.23.0 Nghttp2 Nghttp2 1.23.1 Nghttp2 Nghttp2 1.24.0 Nghttp2 Nghttp2 1.25.0 Nghttp2 Nghttp2 1.26.0 Nghttp2 Nghttp2 1.27.0 Nghttp2 Nghttp2 1.28.0 Nghttp2 Nghttp2 1.29.0 Nghttp2 Nghttp2 1.30.0 Nghttp2 Nghttp2 1.31.0 Nghttp2 Nghttp2 1.31.1 Nghttp2 Nghttp2 1.32.0 Nghttp2 Nghttp2 1.32.1 Nghttp2 Nghttp2 1.33.0 Nghttp2 Nghttp2 1.34.0 Nghttp2 Nghttp2 1.35.0 Nghttp2 Nghttp2 1.35.1 Nghttp2 Nghttp2 1.36.0 Nghttp2 Nghttp2 1.37.0 Nghttp2 Nghttp2 1.38.0 Nghttp2 Nghttp2 1.39.0 Nghttp2 Nghttp2 1.39.1 Nghttp2 Nghttp2 1.39.2 Nghttp2 Nghttp2 1.40.0 Nghttp2 Nghttp2 1.41.0 Nghttp2 Nghttp2 1.42.0 Nghttp2 Nghttp2 1.43.0 Nghttp2 Nghttp2 1.44.0 Nghttp2 Nghttp2 1.45.0 Nghttp2 Nghttp2 1.45.1 Nghttp2 Nghttp2 1.46.0 Nghttp2 Nghttp2 1.47.0 Nghttp2 Nghttp2 1.48.0 Nghttp2 Nghttp2 1.49.0 Nghttp2 Nghttp2 1.50.0 Nghttp2 Nghttp2 1.51.0 Nghttp2 Nghttp2 1.52.0 Nghttp2 Nghttp2 1.53.0 Nghttp2 Nghttp2 1.54.0 Nghttp2 Nghttp2 1.55.0	116

Common Weakness Enumeration (CWE)

CWE-459 - Incomplete Cleanup

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References