Description
Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy's tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised to upgrade.
Remediation
References
Related Vulnerabilities
Contao Incorrect Default Permissions Vulnerability (CVE-2019-19712)
WordPress Plugin Like Dislike Counter SQL Injection (1.2.3)
WordPress Plugin Social Gallery and Widget Security Bypass (2.2.5)
Oracle JRE Other Vulnerability (CVE-2012-5085)
Wordpress Plugin Backup Migration CVE-2023-6553 Vulnerability (CVE-2023-6553)