github.com/projectcontour/contour is vulnerable to denial of service (DoS). The vulnerability exists as there is a lack of authentication to perform GET requests to the unsafe /shutdown
endpoint on port 8090, allowing an attacke rto remove Envoy from the routing pool.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/projectcontour/contour | le | 1.6.1 | |
github.com/projectcontour/contour | le | 1.6.1 |