CVE-2019-18838
Severity: HIGH
Envoy < 1.12.1 - Denial of Service via NULL Pointer Dereference in Host Header Handling
An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated response is dispatched through the configured encoder filter chain before being sent to the client. An encoder filter that invokes route manager APIs that access a request's Host header causes a NULL pointer dereference, resulting in abnormal termination of the Envoy process.
References (4)
Patch x_refsource_misc
https://github.com/envoyproxy/envoy/commits/master
Mailing List x_refsource_misc
https://groups.google.com/forum/#%21forum/envoy-users
Product x_refsource_misc
https://blog.envoyproxy.io
Exploit, Third Party Advisory x_refsource_confirm
https://github.com/envoyproxy/envoy/security/advisories/GHSA-f2rv-4w6x-rwhc
Scores
CVSS v3
7.5
EPSS
0.0214
EPSS Percentile
79.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (1)
envoyproxy/envoy
< 1.12.1
Published
Dec 13, 2019
Tracked Since
Feb 18, 2026