Envoy Proxy Integer Overflow or Wraparound Vulnerability - CVE-2021-28682 - Vulnerability Database

Envoy Proxy Integer Overflow or Wraparound Vulnerability - CVE-2021-28682

High

Reference: CVE-2021-28682

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-28682

Title: Envoy Proxy Integer Overflow or Wraparound Vulnerability

Overview:

An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable integer overflow in which a very large grpc-timeout value leads to unexpected timeout calculations.