An issue exists in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
envoyproxy envoy 1.14.6 |
||
envoyproxy envoy 1.15.3 |
||
envoyproxy envoy 1.16.2 |
||
envoyproxy envoy 1.17.1 |