CVE-2026-47774 · Severity: HIGH · CNA: GitHub_M

CVE-2026-47774: Envoy vulnerable to HTTP/2 memory exhaustion via cookie header size bypass and HPACK amplification

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentially resulting in OOM termination of the Envoy process and denial of service. The issue arises from the combination of two behaviors. First, cookie header bytes are not fully accounted for during request header size validation in Envoy. Second, HPACK header block limits in oghttp2/quiche are enforced on encoded bytes without a corresponding limit on total decoded header size. Together, these behaviors allow a malicious client to cause large decoded header allocations while bypassing the intended request header size protections. Versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1 contain a fix. No complete workaround is known short of applying a fix. Possible temporary mitigations include disabling downstream HTTP/2 where operationally feasible; enforcing stricter request header and cookie limits before traffic reaches Envoy; and monitoring Envoy memory usage for abnormal growth under HTTP/2 traffic.

Metrics

  • CVSS v3.1: 7.5
  • Severity: HIGH
  • Fixed in: 1.35.11, 1.36.7, 1.37.3, 1.38.1 (as listed in the advisory text above)
  • Affected Products: 1


HarborGuard Analysis

Synopsis

A memory exhaustion vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote attacker to trigger out-of-memory termination of the Envoy proxy process. The flaw combines two weaknesses: cookie header bytes are under-counted during header size validation, and HPACK block limits are checked on encoded bytes rather than decoded size, letting a crafted request bypass intended protections and force large heap allocations. Successful exploitation crashes the Envoy process, taking down all traffic it proxies. Fix versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1 have been published; HarborGuard tracks this CVE and will make patched-image rebuilds available as soon as customer images referencing a fixed version are detected.

HarborGuard Coverage

Detection (Available)

Detection of CVE-2026-47774 is available across every HarborGuard environment, with the CVE matched against images in customer registries and CI pipelines within minutes of ingestion from upstream advisory feeds. Coverage extends to custom-built images that bundle Envoy directly, not only upstream base images.

Triage (Available)

HarborGuard is capable of scoring this CVE at CVSS 7.5 HIGH and weighting it against each environment's compliance policy to surface urgency appropriately. Triage routing is available to direct findings to the team inbox or ticketing integration configured for each customer organization.

Patch (Pending upstream)

Because no fix version has been published upstream at this time, HarborGuard re-checks the advisory on every ingest cycle and will make a patched-image rebuild available the moment a fixed version is confirmed. For customers with auto-remediation enabled, a rebuilt image, regression-test run, and PR opened against affected workloads will be triggered automatically once a fix ships.

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the Envoy process over the network; any Envoy instance with a publicly or internally reachable HTTP/2 downstream listener is in scope.

  • Authentication: Not required

    No credentials or session token are needed; the malicious HTTP/2 request can be sent by any unauthenticated client.

  • Victim interaction: Not required

    No user action is required; the attacker sends crafted HTTP/2 frames directly to the Envoy listener without any victim interaction.

  • Attack complexity: Low

    Attack complexity is low, meaning the exploit is reliable and imposes no special preconditions such as race conditions or knowledge of memory layout.

Blast Radius

  • Crashes the Envoy process via out-of-memory termination, dropping all in-flight HTTP/2 connections it was handling.
  • Causes a full denial of service for any downstream clients or services routing traffic through the affected Envoy instance.
  • Repeated triggering can prevent process restart from stabilizing, sustaining an extended outage.

How HarborGuard Handles This

Available on HarborGuard: because no upstream fix has been published for this CVE, HarborGuard continuously re-checks the advisory feed on each ingest cycle and will surface patched-image rebuild availability the moment versions 1.35.11, 1.36.7, 1.37.3, or 1.38.1 (or later) are confirmed clean. For customers with auto-remediation enabled, the rebuild, regression-test run, and PR against affected workloads will trigger automatically without manual intervention. While awaiting a fix, HarborGuard policy controls can assist with compensating measures: network-policy rules can be scoped to restrict which clients are permitted to send HTTP/2 traffic to Envoy listeners, reducing exposure to untrusted sources. Customers may also consider enforcing upstream request header and cookie size limits at an edge layer before traffic reaches Envoy, and configuring memory-usage alerts on Envoy pods to detect abnormal growth early. Where operationally feasible, disabling downstream HTTP/2 on exposed listeners eliminates the attack surface entirely until a patched image is available.

Affected packages

  • envoyproxy / envoy
    < 1.35.11 · >= 1.36.0, < 1.36.7 · >= 1.37.0, < 1.37.3 · >= 1.38.0, < 1.38.1
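The affected-range notation above is the practical check a defender runs first: is the Envoy build I am running inside one of those windows, and which release on the same branch closes it? The following Python is an added example written for this page; it is not HarborGuard or Envoy project code. It parses the ranges exactly as printed above (clauses separated by "·", each with an optional inclusive ">=" lower bound and an exclusive "<" upper bound; the first clause has no lower bound, so every release before 1.35.11 is affected), compares a version against them, and returns the first fixed version on that branch. The `version_from_envoy_banner` helper assumes `envoy --version` prints the release number between slashes (e.g. `.../1.36.4/Clean/RELEASE/BoringSSL`); that format and the sample banner are assumptions, and the commit hash in the sample is a placeholder.

```python
import re
from typing import Optional

# Affected ranges exactly as listed in this record (GHSA notation):
# one clause per release branch, separated by "·". The first clause has
# no lower bound, so every release before 1.35.11 is affected as well.
AFFECTED_RANGES_TEXT = (
    "< 1.35.11 · >= 1.36.0, < 1.36.7 · >= 1.37.0, < 1.37.3 · >= 1.38.0, < 1.38.1"
)

Version = tuple[int, int, int]
# (inclusive lower bound or None, exclusive upper bound == first fixed release)
Range = tuple[Optional[Version], Version]


def parse_version(text: str) -> Version:
    """Parse 'MAJOR.MINOR.PATCH', tolerating a leading 'v' and a -dev/+build suffix."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)(?:[-+].*)?", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def parse_ranges(text: str) -> list[Range]:
    """Turn the advisory's range string into (lower, upper) tuples."""
    ranges: list[Range] = []
    for clause in text.split("·"):
        lower: Optional[Version] = None
        upper: Optional[Version] = None
        for bound in clause.split(","):
            op, ver = bound.split()
            if op == ">=":
                lower = parse_version(ver)
            elif op == "<":
                upper = parse_version(ver)
            else:
                raise ValueError(f"unsupported operator in {bound!r}")
        if upper is None:
            # Every affected clause must end at a fixed release.
            raise ValueError(f"clause without an upper bound: {clause!r}")
        ranges.append((lower, upper))
    return ranges


AFFECTED_RANGES: list[Range] = parse_ranges(AFFECTED_RANGES_TEXT)


def first_fixed_version(version: str, ranges: list[Range] = AFFECTED_RANGES) -> Optional[str]:
    """Return the fixed release on the same branch, or None if the version is not affected."""
    v = parse_version(version)
    for lower, upper in ranges:
        if (lower is None or v >= lower) and v < upper:
            return ".".join(str(n) for n in upper)
    return None


def is_affected(version: str) -> bool:
    return first_fixed_version(version) is not None


def version_from_envoy_banner(banner: str) -> str:
    """Extract the release number from `envoy --version` output.

    Assumed banner layout: 'envoy  version: <sha>/<release>/Clean/RELEASE/BoringSSL'.
    """
    m = re.search(r"/(\d+\.\d+\.\d+)/", banner)
    if not m:
        raise ValueError("no release number found in banner")
    return m.group(1)


# Constructed sample banner; the all-zero commit hash is a placeholder, not a real build.
SAMPLE_BANNER = (
    "envoy  version: 0000000000000000000000000000000000000000/1.36.4/Clean/RELEASE/BoringSSL"
)

if __name__ == "__main__":
    ver = version_from_envoy_banner(SAMPLE_BANNER)
    fix = first_fixed_version(ver)
    status = f"affected by CVE-2026-47774, upgrade to {fix}" if fix else "not affected"
    print(f"Envoy {ver}: {status}")
```

Because the first clause is unbounded below, a release such as 1.34.x reports 1.35.11 as its target, which matches the advisory: 1.35.11 is the earliest release carrying the fix. Pre-release tags like `1.38.0-dev` are compared on their numeric part only, so treat them as affected unless the build is known to include the fix.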
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H