PT-2020-13163 · Envoy · Envoy

Name of the Vulnerable Software and Affected Versions: Envoy versions 1.14.2, 1.13.2, 1.12.4 or earlier Description: The issue arises when an HTTP/2 client requests a large payload but fails to send sufficient window updates to consume the entire stream and does not reset the stream, leading to...