---

CVE-2021-32781 - log back

CVE-2021-32781 edited at 25 Aug 2021 10:20:01
Severity	- Unknown + High
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary code execution
Description	+ Envoy, as used by Istio before version 1.11.1, contains a remotely exploitable vulnerability that affects Envoy’s decompressor, json-transcoder or grpc-web extensions or proprietary extensions that modify and increase the size of request or response bodies. Modifying and increasing the size of the body in an Envoy extension beyond the internal buffer size could lead to Envoy accessing deallocated memory and terminating abnormally.
References	+ https://istio.io/latest/news/security/istio-security-2021-008/#cve-2021-32781

CVE-2021-32781 created at 25 Aug 2021 10:15:50
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes