Vulnerabilities > Redhat > Openshift Service Mesh > High

DATE CVE VULNERABILITY TITLE RISK
2019-08-13 CVE-2019-9515 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service.
7.5
2019-08-13 CVE-2019-9514 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service.
7.5
2019-08-13 CVE-2019-9513 Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. 7.5
2019-08-13 CVE-2019-9511 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service.
7.5
2019-04-25 CVE-2019-9900 Injection vulnerability in multiple products
When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not reject embedded zero characters (NUL, ASCII 0x0).
network
low complexity
envoyproxy redhat CWE-74
8.3