4 matches found
Medium: ecs-service-connect-agent
Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...
CVE-2024-45808
creationtimestamp| type| source ---|---|--- 2024-09-20 03:02:03+00:00| seen| https://t.me/cvedetector/6096...
CVE-2024-45808 Malicious log injection via access logs in envoy
Envoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the REQUESTEDSERVERNAME field for access logger...
CVE-2024-45808 Malicious log injection via access logs in envoy
Envoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content into access logs. This is achieved by exploiting the lack of validation for the REQUESTEDSERVERNAME field for access logger...