Home > Vulnerability Database > WS-2019-0519

Mend.io Vulnerability Database

WS-2019-0519

Good to know:

Date: February 20, 2019

In Envoy v1.9.0 and v1.9.1, it was possible to have two filter chains that didn't have proto equivalent FilterChainMatches, yet had semantically equivalent matchers. E.g. when one filter chain has a not-yet-implemented field. This led to a situation where the first filter chain might register for SDS (and corresponding initialization callbacks), then the second equivalent filter chain would replace it, freeing up the callback target. When SDS initialized, the stale callback would be invoked, resulting in heap-user-after-free.

Language: C++

Severity Score

7.5

Related Resources (2)

Url: https://github.com/envoyproxy/envoy/commit/fd79055373e0b127b3d32a062ac93b6bc891fb77

Url: https://www.mend.io/vulnerability-database/WS-2019-0519

Severity Score

7.5

Weakness Type (CWE)

Heap-based Buffer Overflow

CWE-122

Top Fix

Upgrade Version

Upgrade to version v1.10.0

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

WS-2019-0519

Good to know:

Date: February 20, 2019

Language: C++

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?