4cae008559
To avoid unintended tampering with remote downstreams via service config, refactor BasicEnvoyExtender and RuntimeConfig to disallow typical Envoy extensions from being applied to non-local proxies. Continue to allow this behavior for AWS Lambda and the read-only Validate builtin extensions. Addresses CVE-2023-2816. |
||
---|---|---|
.. | ||
aws-lambda | ||
http/localratelimit | ||
lua | ||
wasm |