Description

Envoy is a cloud-native, open source edge and service proxy. Envoyproxy with a Brotli filter can get into an endless loop during decompression of Brotli data with extra input.

Remediation

References

CVE-2024-32976

Related Vulnerabilities

WordPress Plugin Real3D FlipBook Multiple Vulnerabilities (2.18.8)

Joomla! Core 3.x.x Information Disclosure (3.4.0 - 3.6.5)

phpBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-5502)

WebLogic CVE-2020-2883 Vulnerability (CVE-2020-2883)

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-43953)

Severity

High

Classification

CVE-2024-32976 CWE-835 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities