---

CVE-2021-32780 - log back

CVE-2021-32780 edited at 25 Aug 2021 10:19:12

Description

- Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability where an untrusted upstream service could cause Envoy to terminate abnormally by sending the GOAWAY frame followed by the SETTINGS frame with the SETTINGS_MAX_CONCURRENT_STREAMS parameter set to 0. See CVE-2021-32780 for more information. + Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability where an untrusted upstream service could cause Envoy to terminate abnormally by sending the GOAWAY frame followed by the SETTINGS frame with the SETTINGS_MAX_CONCURRENT_STREAMS parameter set to 0.

CVE-2021-32780 edited at 25 Aug 2021 10:18:35
Severity	- Unknown + High
Remote	- Unknown + Remote
Type	- Unknown + Denial of service
Description	+ Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability where an untrusted upstream service could cause Envoy to terminate abnormally by sending the GOAWAY frame followed by the SETTINGS frame with the SETTINGS_MAX_CONCURRENT_STREAMS parameter set to 0. See CVE-2021-32780 for more information.
References	+ https://istio.io/latest/news/security/istio-security-2021-008/#cve-2021-32780

CVE-2021-32780 created at 25 Aug 2021 10:15:50
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes