Filter
AND
redhat/envoyEnvoy vulnerable to OAuth2 credentials exploit with permanent validity
9.8
First published (updated )
Envoy ProxyEnvoy doesn't escape HTTP header values
9.1
First published (updated )
Envoy ProxyEnvoy gRPC client produces invalid protobuf when an HTTP header with non-UTF8 value is received.
9.8
First published (updated )
Envoy ProxyEnvoy forwards invalid Http2/Http3 downstream headers
9.1
First published (updated )
Envoy ProxyEnvoy client may fake the header `x-envoy-original-path`
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/EnvoyTrivial authentication bypass in Envoy
10
First published (updated )
redhat/envoyIncorrect configuration handling allows TLS session re-use without re-validation in Envoy
9.8
First published (updated )
Envoy ProxyMalformed request header may cause route matchers or access controls to be bypassed, resulting in es…
9.8
First published (updated )
Envoy ProxyAn untrusted remote client may send HTTP/2 requests that write to the heap outside of the request bu…
9.8
First published (updated )
go/github.com/envoyproxy/envoyEnvoy 1.9.0 and before does not normalize HTTP URL paths. A remote attacker may craft a relative pat…
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.