New Gloo 1.5 with improvements to multi-cluster failover, traffic control, AWS Lambda, external Auth, and dev-to-ops experienceRead More
Showing results for tag Vulnerability
Envoy Proxy — high severity vulnerabilities that can lead to exposure of unauthorized services.
Overview Two vulnerabilities have been discovered in the Envoy proxy that can potentially allow unauthorized access to backend resources. They are classified as of high severity according to the CVSS methodology and immediate action is needed. CVE-2019–9900 (CVSS score 8.3) When parsing HTTP/1.x header values, Envoy 1.9 and before does not reject embedded zero characters (NUL, ASCII […]