Description
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions of Envoy a crash occurs when configured for :ref:`upstream tunneling <envoy_v3_api_field_extensions.filters.network.tcp_proxy.v3.TcpProxy.tunneling_config>` and the downstream connection disconnects while the the upstream connection or http/2 stream is still being established. There are no workarounds for this issue. Users are advised to upgrade.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2007-1375)
WordPress Plugin YITH Desktop Notifications for WooCommerce Security Bypass (1.2.7)
WordPress Plugin Better User Shortcodes Multiple Cross-Site Scripting Vulnerabilities (1.0)
MySQL CVE-2023-22092 Vulnerability (CVE-2023-22092)
Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19745)