mirror of https://github.com/hashicorp/consul
b8d2640429
To avoid unintended tampering with remote downstreams via service config, refactor BasicEnvoyExtender and RuntimeConfig to disallow typical Envoy extensions from being applied to non-local proxies. Continue to allow this behavior for AWS Lambda and the read-only Validate builtin extensions. Addresses CVE-2023-2816. |
||
---|---|---|
.. | ||
proxy | ||
validate | ||
go.mod | ||
go.sum |