A flaw was found in the Envoy proxy. External authentication can be bypassed by downstream connections that use the PROXY protocol. Downstream clients can force invalid gRPC requests to send to ext_authz, circumventing ext_authz checks when failure_mode_allow is set to…Read More