A flaw was found in Envoy. JWT filter will lead to a crash in Envoy when clearing the route cache with remote JWKs in the following cases: 1. Remote JWKs are used, which requires async header processing 2. clear_route_cache is enabled on the provider 3. Header operations are enabled in JWT filter, for example, header to claims feature 4. The routing table is configured in a way that the JWT header operations modify requests to not match any route When these conditions are met, a crash is triggered in the upstream code due to nullptr reference conversion from route(). The root cause is the ordering of continueDecoding and clearRouteCache. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or…Read More