CVE-2019-9900
published 2019-04-25


Priority: P347
Severity: high, 8.3 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
EPSS: 3.73% (88.5th percentile)
When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not reject embedded zero characters (NUL, ASCII 0x0). This allows remote attackers crafting header values containing embedded NUL characters to potentially bypass header matching rules, gaining access to unauthorized resources.

Affected (1 range)

Vendor       | Product | Version range | Fixed in
envoyproxy   | envoy   | <= 1.9.0      | (not listed)

CVSS provenance

Source        | Version | Score | Severity | Vector
nvd           | v3.1    | 8.3   | HIGH     | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
nvd           | v3.0    | 6.5   | MEDIUM   | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
nvd           | v2.0    | 7.5   | HIGH     | AV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_redhat |         | 8.3   | HIGH     |