Lucene search
GoogleOSV:BIT-ENVOY-2022-21655HistoryMar 06, 2024 - 10:56 a.m.
BIT-envoy-2022-21655
2024-03-0610:56:14
Google
osv.dev
6
envoy
edge proxy
cloud-native
denial of service
workaround
internal redirects
0.001 Low
EPSS
Percentile
38.9%
Envoy is an open source edge and service proxy, designed for cloud-native applications. The envoy common router will segfault if an internal redirect selects a route configured with direct response or redirect actions. This will result in a denial of service. As a workaround turn off internal redirects if direct response entries are configured on the same listener.
Related
prion
prion
Design/Logic Flaw
2022-02-22 23:15:00
osv
osv
CVE-2022-21655
2022-02-22 23:15:11
Multiple security issues in Pomerium's embedded envoy
2022-03-01 22:04:17
redhatcve
redhatcve
CVE-2022-21655
2022-02-23 02:36:22
cvelist
cvelist
cnvd
cnvd
Envoy has an unspecified vulnerability (CNVD-2022-16291)
2022-02-24 00:00:00
cve
cve
CVE-2022-21655
2022-02-22 23:15:00
veracode
veracode
Denial Of Service (DoS)
2022-06-02 20:46:18
github
github
Multiple security issues in Pomerium's embedded envoy
2022-03-01 22:04:17
nessus
nessus
RHEL 8 : Red Hat OpenShift Service Mesh 2.1.2 (RHSA-2022:1275)
2022-04-08 00:00:00
RHEL 8 : Red Hat OpenShift Service Mesh 2.0.9 (RHSA-2022:1276)
2022-04-08 00:00:00
redhat
redhat