{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "last_affected": "1.0.0" }, { "introduced": "0" }, { "last_affected": "1.1.0" }, { "introduced": "0" }, { "last_affected": "1.2.0" }, { "introduced": "0" }, { "last_affected": "1.3.0" }, { "introduced": "0" }, { "last_affected": "1.4.0" }, { "introduced": "0" }, { "last_affected": "1.5.0" }, { "introduced": "0" }, { "last_affected": "1.6.0" }, { "introduced": "0" }, { "last_affected": "1.7.0" }, { "introduced": "0" }, { "last_affected": "1.7.1" }, { "introduced": "0" }, { "last_affected": "1.8.0" }, { "introduced": "0" }, { "last_affected": "1.9.0" }, { "introduced": "0" }, { "last_affected": "1.9.1" }, { "introduced": "0" }, { "last_affected": "1.10.0" }, { "introduced": "0" }, { "last_affected": "1.11.0" }, { "introduced": "0" }, { "last_affected": "1.11.1" }, { "introduced": "0" }, { "last_affected": "1.11.2" } ] }, "events": [ { "introduced": "0" }, { "last_affected": "ef54a03858d0be3e7768d37b5a8c0b136b664e21" }, { "introduced": "0" }, { "last_affected": "c34e49535dd1e8a8fc34337f6e022826783f4d1d" }, { "introduced": "0" }, { "last_affected": "721586f5844fdd5bc6a8a65243e38a5711c6ac34" }, { "introduced": "0" }, { "last_affected": "3afc7712a04907ffd25ed497626639febfe65735" }, { "introduced": "0" }, { "last_affected": "a8507f67225cdd912712971bf72d41f219eb74ed" }, { "introduced": "0" }, { "last_affected": "9ed62923a8ff6745407046c4451ce757348d966f" }, { "introduced": "0" }, { "last_affected": "4dd49d8809f7aaa580538b3c228dd99a2fae92a4" }, { "introduced": "0" }, { "last_affected": "3f59fb5c0f6554f8b3f2e73ab4c1437a63d42668" }, { "introduced": "0" }, { "last_affected": "b59205bc9a3e7bd3e0b3453943b0a1a3c93ea0ec" }, { "introduced": "0" }, { "last_affected": "5d25f466c3410c0dfa735d7d4358beb76b2da507" }, { "introduced": "0" }, { "last_affected": "37bfd8ac347955661af695a417492655b21939dc" }, { "introduced": "0" }, { "last_affected": "ea248e2919db841b4f3cc5e2c44dcbd90565467d" }, { "introduced": "0" }, { "last_affected": "e95ef6bc43daeda16451ad4ef20979d8e07a5299" }, { "introduced": "0" }, { "last_affected": "bf169f9d3c8f4c682650c5390c088a4898940913" }, { "introduced": "0" }, { "last_affected": "e349fb6139e4b7a59a9a359be0ea45dd61e589c5" }, { "introduced": "0" }, { "last_affected": "7a12f379e47a9f7cf7211c727fe8fc70b6a0a9ab" }, { "fixed": "afc39bea36fd436e54262f150c009e8d72db5014" } ], "repo": "https://github.com/envoyproxy/envoy", "type": "GIT" } ] } ], "details": "Upon receiving each incoming request header data, Envoy will iterate over existing request headers to verify that the total size of the headers stays below a maximum limit. The implementation in versions 1.10.0 through 1.11.1 for HTTP/1.x traffic and all versions of Envoy for HTTP/2 traffic had O(n^2) performance characteristics. A remote attacker may craft a request that stays below the maximum request header size but consists of many thousands of small headers to consume CPU and result in a denial-of-service attack.", "id": "CVE-2019-15226", "modified": "2026-03-13T21:57:43.096069016Z", "published": "2019-10-09T16:15:14.687Z", "references": [ { "type": "ADVISORY", "url": "https://github.com/envoyproxy/envoy/commits/master" }, { "type": "ADVISORY", "url": "https://github.com/envoyproxy/envoy/issues/8520" }, { "type": "FIX", "url": "https://github.com/envoyproxy/envoy/commit/afc39bea36fd436e54262f150c009e8d72db5014" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }