Lucene search
GoogleOSV:BIT-ENVOY-2022-21654HistoryMar 06, 2024 - 10:56 a.m.
BIT-envoy-2022-21654
2024-03-0610:56:26
Google
osv.dev
4
envoy
proxy
cloud-native
tls
re-use
issue
default
settings
upgrade
software
Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy’s tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised to upgrade.
Related
cvelist
cvelist
cve
cve
CVE-2022-21654
2022-02-22 23:15:00
veracode
veracode
Incorrect Default Configuration
2022-06-02 20:45:53
osv
osv
CVE-2022-21654
2022-02-22 23:15:11
Multiple security issues in Pomerium's embedded envoy
2022-03-01 22:04:17
prion
prion
Default configuration
2022-02-22 23:15:00
cnvd
cnvd
Envoy Trust Management Issue Vulnerability (CNVD-2022-15535)
2022-02-24 00:00:00
redhatcve
redhatcve
CVE-2022-21654
2022-02-23 02:36:21
github
github
Multiple security issues in Pomerium's embedded envoy
2022-03-01 22:04:17
redhat
redhat
nessus
nessus
RHEL 8 : Red Hat OpenShift Service Mesh 2.1.2 (RHSA-2022:1275)
2022-04-08 00:00:00
RHEL 8 : Red Hat OpenShift Service Mesh 2.0.9 (RHSA-2022:1276)
2022-04-08 00:00:00