4 matches found
Denial Of Service (DoS)
Envoy is vulnerable to denial of service. The vulnerability exists due to a segmentation fault in the GrpcHealthCheckerImpl allowing an attacker to crash the system by controlling an upstream host and also controlling the service discovery of that host via DNS, the EDS API, etc. and forcing the...
CVE-2022-29224
Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health checking. One of them uses gRPC. Envoy also has a feature which can “hold” prevent removal upstrea...
Null pointer dereference
Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health checking. One of them uses gRPC. Envoy also has a feature which can “hold� prevent removal...
CVE-2022-29224 Segmentation fault leading to crash in Envoy
Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health checking. One of them uses gRPC. Envoy also has a feature which can “hold” prevent removal upstrea...