CVE-2021-28683

Published May 20th, 2021

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

MEDIUM

Affected

PROJECT

Description

An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable NULL pointer dereference and crash in TLS when an unknown TLS alert code is received.

envoyproxy/envoy

Cloud-native high-performance edge/middle/service proxy

GitHub

28.3K