mirror of https://github.com/status-im/consul.git
b8d2640429
To avoid unintended tampering with remote downstreams via service config, refactor BasicEnvoyExtender and RuntimeConfig to disallow typical Envoy extensions from being applied to non-local proxies. Continue to allow this behavior for AWS Lambda and the read-only Validate builtin extensions. Addresses CVE-2023-2816. |
||
---|---|---|
.. | ||
runtime_config.go | ||
runtime_config_oss_test.go |