CVE-2021-32780 log

Severity High
Remote Yes
Type Denial of service
Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability where an untrusted upstream service could cause Envoy to terminate abnormally by sending the GOAWAY frame followed by the SETTINGS frame with the SETTINGS_MAX_CONCURRENT_STREAMS parameter set to 0.
Group Package Affected Fixed Severity Status Ticket
AVG-2321 istio 1.11.0-1 1.11.1-1 High Fixed