CVE-2021-32781 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Yes
Type	Arbitrary code execution
Description	Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability that affects Envoy’s decompressor, json-transcoder or grpc-web extensions or proprietary extensions that modify and increase the size of request or response bodies. Modifying and increasing the size of the body in an Envoy extension beyond the internal buffer size could lead to Envoy accessing deallocated memory and terminating abnormally.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2321	istio	1.11.0-1	1.11.1-1	High	Fixed

References
https://istio.io/latest/news/security/istio-security-2021-008/#cve-2021-32781