servicemesh is vulnerable to denial of service. The vulnerability exists due to a lack of check on the envoys procedure for resetting a HTTP/2 stream has O(N^2) complexity.
access.redhat.com/errata/RHEA-2021:4051
bugzilla.redhat.com/show_bug.cgi?id=1996946
github.com/envoyproxy/envoy/security/advisories/GHSA-3xh3-33v5-chcc
github.com/envoyproxy/envoy/security/advisories/GHSA-3xh3-33v5-chcc
istio.io/latest/news/security/istio-security-2021-008/
www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history
www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history