Envoy · Envoy · CVE-2021-28683
Name of the Vulnerable Software and Affected Versions:
Envoy versions prior to 1.71.1
Description:
A remotely exploitable issue exists where a NULL pointer dereference and crash can occur in TLS when an unknown TLS alert code is received.
Recommendations:
For versions prior to 1.71.1, update to a version that contains a fix for this issue to prevent remote exploitation.