Envoy is a high-performance edge/middle/service proxy. The regex expression is compiled for every request and can result in high CPU usage and increased request latency when multiple routes are configured with such matchers. This issue has been addressed in released 1.29.1, 1.28.1, 1.27.3, and 1.26.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LEnvoyproxy Envoy
APPEnvoyproxy1.26.0 β 1.26.7 (bez)1.27.0 β 1.27.3 (bez)1.28.0 β 1.28.1 (bez)1.29.0 β 1.29.1 (bez)
Related vulnerabilities
Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter implementation do...
An issue was discovered in Envoy 1.12.0. An untrusted remote client may send HTTP/2 requests that write to the...
An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) wit...
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can ...
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37....