Описание
Envoy is an open source edge and service proxy, designed for cloud-native applications. The envoy common router will segfault if an internal redirect selects a route configured with direct response or redirect actions. This will result in a denial of service. As a workaround turn off internal redirects if direct response entries are configured on the same listener.
A flaw was found in envoy. Due to incorrect handling of the common router, a segfault is possible when internal redirects are routes with a direct response entry.
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
Envoy is an open source edge and service proxy, designed for cloud-native applications. The envoy common router will segfault if an internal redirect selects a route configured with direct response or redirect actions. This will result in a denial of service. As a workaround turn off internal redirects if direct response entries are configured on the same listener.
Envoy is an open source edge and service proxy, designed for cloud-nat ...
7.5 High
CVSS3