Unrated severityNVD Advisory· Published Dec 18, 2024· Updated Dec 18, 2024
HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy
CVE-2024-53271
Description
Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to upgrade. There are no known workarounds for this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<1.31.5 >=1.31.0, <1.32.3 >=1.32.0+ 1 more
- (no CPE)range: <1.31.5 >=1.31.0, <1.32.3 >=1.32.0
- (no CPE)range: >= 1.31.0, < 1.31.5
Patches
Vulnerability mechanics
References
2- github.com/envoyproxy/envoy/commit/da56f6da63079baecef9183436ee5f4141a59af8mitrex_refsource_MISC
- github.com/envoyproxy/envoy/security/advisories/GHSA-rmm5-h2wv-mg4fmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.