An issue exists in Envoy up to and including 1.71.1. There is a remotely exploitable NULL pointer dereference and crash in TLS when an unknown TLS alert code is received.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
envoyproxy envoy 1.16.2 |
||
envoyproxy envoy 1.17.1 |