Wanlill

**Name of the Vulnerable Software and Affected Versions** Envoy versions prior to 1.26.0 Envoy versions prior to 1.25.3 Envoy versions prior to 1.24.4 Envoy versions prior to 1.23.6 Envoy versions prior to 1.22.9 **Description** The OAuth filter in Envoy assumes that a `state` query param is present on any response that looks like an OAuth redirect response. Sending a request with the URI path equivalent to the redirect path, without the `state` parameter, will lead to abnormal termination of the Envoy process. **Recommendations** For versions prior to 1.26.0, update to version 1.26.0 or later. For versions prior to 1.25.3, update to version 1.25.3 or later. For versions prior to 1.24.4, update to version 1.24.4 or later. For versions prior to 1.23.6, update to version 1.23.6 or later. For versions prior to 1.22.9, update to version 1.22.9 or later. As a temporary workaround, consider disabling the OAuth filter or locking down OAuth traffic to minimize the risk of exploitation. Alternatively, filter traffic before it reaches the OAuth filter, for example, via a lua script.