An issue exists in Envoy up to and including 1.71.1. There is a remotely exploitable integer overflow in which a very large grpc-timeout value leads to unexpected timeout calculations.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
envoyproxy envoy 1.14.6 |
||
envoyproxy envoy 1.15.3 |
||
envoyproxy envoy 1.16.2 |
||
envoyproxy envoy 1.17.1 |