Description
In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to result in a denial of service (memory consumption). This is a related issue to CVE-2019-14993.
Remediation
References
Related Vulnerabilities
Dolphin Other Vulnerability (CVE-2006-5410)
WordPress Plugin Error Log Viewer by BestWebSoft Cross-Site Scripting (1.0.5)
WordPress Plugin SS Quiz Multiple Unspecified Vulnerabilities (1.12)
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-23620)
WordPress Plugin Easy PayPal Buy Now Button Cross-Site Scripting (1.7.3)