The host is installed with getenvoy-envoy version 1.29.0 before 1.29.2 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle issues in HTTP/2 codec. On successful exploitation, An attacker can to send a sequence of CONTINUATION frames without the END_HEADERS bit set causing unlimited memory consumption.