Envoy is vulnerable to denial of service. The vulnerability exists due to a segmentation fault in the GrpcHealthCheckerImpl allowing an attacker to crash the system by controlling an upstream host and also controlling the service discovery of that host (via DNS, the EDS API, etc.) and forcing the removal of the host from service discovery, and then failing the gRPC health check request.Read More