Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy
Vulnerability Description
Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to upgrade. There are no known workarounds for this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
Vulnerability Type
控制流实现总是不正确
Vulnerability Title
Envoy Proxy 安全漏洞
Vulnerability Description
Envoy Proxy是Envoy Proxy开源的一个云原生高性能边缘/中间/服务代理。 Envoy Proxy存在安全漏洞,该漏洞源于无法正确处理http响应,可能导致联网设备中的下游故障。
CVSS Information
N/A
Vulnerability Type
N/A