CVE-2021-29258

High

An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a…

mitre·CWE-617·Published 2021-05-20

CVSS

7.5

EPSS

0.02

KEV

Exploits

cve.orgen

160 chars

An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion.

NVDen

160 chars

An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion.

NVDes

189 chars

Se detectó un problema en Envoy versión 1.14.0. Se presenta un bloqueo explotable remoto para unos metadatos HTTP2, porque un mapa de METADATOS vacío desencadena un Reachable Assertion

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H