Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-25017

Disclosure Date: October 01, 2020 (last updated February 22, 2025)
Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. Envoy’s setCopy() header map API does not replace all existing occurences of a non-inline header.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0