Envoy up to and including 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. Envoy’s setCopy() header map API does not replace all existing occurences of a non-inline header.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
envoyproxy envoy |