Description
Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions Envoy does not properly handle HTTP 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to upgrade. There are no known workarounds for this issue.
A flaw was found in Envoy. In affected versions, Envoy does not properly handle certain HTTP 1.1 responses. Specially-crafted requests may trigger failures or application crashes in networked devices, leading to a denial of service.
Report
This vulnerability is rated Important due to Envoy's improper handling of HTTP 1.1 non-101 1xx responses, potentially leading to downstream failures in networked devices. This issue can disrupt service communication and requires prompt attention and resolution to maintain network stability.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| OpenShift Service Mesh 2 | openshift-service-mesh/istio-cni-rhel8 | Affected | | |
| OpenShift Service Mesh 2 | openshift-service-mesh/pilot-rhel8 | Not affected | | |
| OpenShift Service Mesh 2 | openshift-service-mesh/proxyv2-rhel8 | Not affected | | |
| OpenShift Service Mesh 2 | openshift-service-mesh/proxyv2-rhel9 | Not affected | | |
Additional information
Status:
7.1 High
CVSS3
Related vulnerabilities
Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions Envoy does not properly handle HTTP 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to upgrade. There are no known workarounds for this issue.
Envoy is a cloud-native high-performance edge/middle/service proxy. In ...
Vulnerability in the envoy.reloadable_features.http1_balsa_delay_reset configuration of the Envoy proxy server, allowing an attacker to cause a denial of service
7.1 High
CVSS3