VDB
CVE-2024-27919
CVE-2024-27919
PUBLISHED
HTTP/2: memory exhaustion due to CONTINUATION frame flood
EPSS 23.88% · 96.1th percentile
Risk Scores
EPSS Score
23.88%
96.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | envoy | 1.29.0, 1.29.0 |
| Bitnami | envoy | 1.29.0 |
Timeline
- Jan 21, 1970 Security Advisory
- Apr 3, 2024 CVE Published
- Apr 5, 2024 EPSS Score
- Apr 9, 2024 PoC Published
- Apr 9, 2024 PoC Published
- Apr 9, 2024 PoC Published
- May 26, 2024 EPSS Score
- Jun 20, 2024 EPSS Score
- Aug 10, 2024 EPSS Score
- Sep 4, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 24, 2024 EPSS Score
References
- https://github.com/envoyproxy/envoy/commit/57a02565532c18eb9df972a3e8974be3ae59f2d5 url
- https://github.com/envoyproxy/envoy/security/advisories/GHSA-gghf-vfxp-799r url
- http://www.openwall.com/lists/oss-security/2024/04/03/16 url
- http://www.openwall.com/lists/oss-security/2024/04/05/3 url
- https://nvd.nist.gov/vuln/detail/CVE-2024-27919 url
- https://www.kb.cert.org/vuls/id/421644 url