Lucene search
GoogleOSV:CVE-2021-43826HistoryFeb 22, 2022 - 11:15 p.m.
CVE-2021-43826
2022-02-2223:15:00
Google
osv.dev
16
envoy
open source
proxy
crash
upstream tunneling
cloud-native
applications
cve-2021-43826
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions of Envoy a crash occurs when configured for :ref:upstream tunneling <envoy_v3_api_field_extensions.filters.network.tcp_proxy.v3.TcpProxy.tunneling_config> and the downstream connection disconnects while the the upstream connection or http/2 stream is still being established. There are no workarounds for this issue. Users are advised to upgrade.
Related
osv
osv
BIT-envoy-2021-43826
2024-03-06 10:56:37
Multiple security issues in Pomerium's embedded envoy
2022-03-01 22:04:17
redhatcve
redhatcve
CVE-2021-43826
2022-02-23 02:35:39
cve
cve
CVE-2021-43826
2022-02-22 23:15:10
cnvd
cnvd
Envoy Resource Management Error Vulnerability (CNVD-2022-15542)
2022-02-24 00:00:00
prion
prion
Code injection
2022-02-22 23:15:00
nvd
nvd
CVE-2021-43826
2022-02-22 23:15:10
cvelist
cvelist
CVE-2021-43826 Crash when tunneling TCP over HTTP in Envoy
2022-02-22 22:45:22
veracode
veracode
Denial Of Service (DoS)
2022-06-02 20:45:36
github
github
Multiple security issues in Pomerium's embedded envoy
2022-03-01 22:04:17
redhat
redhat
nessus
nessus
RHEL 8 : Red Hat OpenShift Service Mesh 2.1.2 (RHSA-2022:1275)
2022-04-08 00:00:00
RHEL 8 : Red Hat OpenShift Service Mesh 2.0.9 (RHSA-2022:1276)
2022-04-08 00:00:00