Description
Envoy is an open source edge and service proxy, designed for cloud-native applications. When a cluster is deleted via Cluster Discovery Service (CDS) all idle connections established to endpoints in that cluster are disconnected. A recursion was introduced in the procedure of disconnecting idle connections that can lead to stack exhaustion and abnormal process termination when a cluster has a large number of idle connections. This infinite recursion causes Envoy to crash. Users are advised to upgrade.
Remediation
References
Related Vulnerabilities
WordPress Plugin WooCommerce Extra Product Options Multiple Vulnerabilities (4.5.3)
WordPress 'templates.php' Cross-Site Scripting Vulnerability (0.6.2 - 2.1)
MySQL CVE-2013-3808 Vulnerability (CVE-2013-3808)
WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (5.1.0)
Oracle Application Server Other Vulnerability (CVE-2006-5358)