One Article Review
| Source |  Vuln GCP |
|---|---|
| Identifiant | 8635103 |
| Date de publication | 2025-01-09 00:11:31 (vue: 2025-01-09 01:08:50) |
| Titre | GCP-2024-065 |
| Texte | Description
Description
Severity
Notes
The following CVEs expose Cloud Service Mesh to exploitable vulnerabilities: CVE-2024-53269: Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting.
CVE-2024-53270: HTTP/1: Sending overload crashes when the request is reset beforehand.
CVE-2024-53271: HTTP/1.1 Multiple issues with envoy.reloadable_features.http1_balsa_delay_reset. For instructions and more details, see the Cloud Service Mesh security bulletin.
High
CVE-2024-53269
CVE-2024-53270
CVE-2024-53271
Description Description Severity Notes The following CVEs expose Cloud Service Mesh to exploitable vulnerabilities: CVE-2024-53269: Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting. CVE-2024-53270: HTTP/1: Sending overload crashes when the request is reset beforehand. CVE-2024-53271: HTTP/1.1 Multiple issues with envoy.reloadable_features.http1_balsa_delay_reset. For instructions and more details, see the Cloud Service Mesh security bulletin. High CVE-2024-53269 CVE-2024-53270 CVE-2024-53271 |
| Notes | |
| Envoyé | Oui |
| Condensat | 065 2024 53269 53269: 53270 53270: 53271 53271: additional address addresses are balsa beforehand bulletin cloud crashes crashing cve cves delay description details envoy exploitable expose eyeballs: features following gcp happy high http/1 http/1: http1 instead instructions issues mesh more multiple notes overload reloadable request reset security see sending service severity sorting validate vulnerabilities: when |
| Tags | Vulnerability Cloud |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.