CVE-2022-21654 in Envoyالمعلومات

الملخص

بحسب MITRE • 23/02/2022

Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy's tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised to upgrade.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

مسؤول

GitHub, Inc.

حجز

16/11/2021

إفشاء

23/02/2022

الاعتدال

تمت الموافقة

إدخال

VDB-193637

EPSS

0.01061

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!