Oval Definition:oval:org.opensuse.security:def:202012603
Revision Date:2022-05-25Version:1
Title:CVE-2020-12603
Description:

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. 1 byte) data frames.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2020-12603
SUSE-CU-2020:555-1
SUSE-CU-2020:556-1
Mitre CVE-2020-12603
SUSE CVE-2020-12603
SUSE-CU-2020:555-1
SUSE-CU-2020:556-1
SUSE-CU-2021:50-1
SUSE-CU-2021:51-1
SUSE-SU-2021:0335-1
openSUSE-SU-2022:0065-1
Platform(s):openSUSE Leap 15.3
SUSE CaaS Platform 4.5
Product(s):
Definition Synopsis
  • SUSE CaaS Platform 4.5 is installed
  • AND Package Information
  • caasp-release-4.5.3-1.13.1 is installed
  • OR helm3-3.3.3-3.5.2 is installed
  • OR skuba-2.1.13-3.15.7.2 is installed
  • OR skuba-update-2.1.13-3.15.7.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • envoy-proxy-1.14.6-bp153.3.4.1 is installed
  • AND envoy-proxy is signed with openSUSE key
  • OR
  • envoy-proxy-source-1.14.6-bp153.3.4.1 is installed
  • AND envoy-proxy-source is signed with openSUSE key
    • BACK