Latest envoyproxy envoy Vulnerabilities

Envoy crashes when idle and request per try timeout occur within the backoff interval
Envoyproxy Envoy>=1.26.0<1.26.7
Envoyproxy Envoy>=1.27.0<1.27.3
Envoyproxy Envoy>=1.28.0<1.28.1
Envoyproxy Envoy>=1.29.0<1.29.1
Excessive CPU usage when URI template matcher is configured using regex in Envoy
Envoyproxy Envoy>=1.26.0<1.26.7
Envoyproxy Envoy>=1.27.0<1.27.3
Envoyproxy Envoy>=1.28.0<1.28.1
Envoyproxy Envoy>=1.29.0<1.29.1
Envoy ext auth can be bypassed when Proxy protocol filter sets invalid UTF-8 metadata
Envoyproxy Envoy>=1.26.0<1.26.7
Envoyproxy Envoy>=1.27.0<1.27.3
Envoyproxy Envoy>=1.28.0<1.28.1
Envoyproxy Envoy>=1.29.0<1.29.1
Envoy crashes when using an address type that isn’t supported by the OS
Envoyproxy Envoy>=1.26.0<1.26.7
Envoyproxy Envoy>=1.27.0<1.27.3
Envoyproxy Envoy>=1.28.0<1.28.1
Envoyproxy Envoy>=1.29.0<1.29.1
Crash in proxy protocol when command type of LOCAL in Envoy
Envoyproxy Envoy>=1.26.0<1.26.7
Envoyproxy Envoy>=1.27.0<1.27.3
Envoyproxy Envoy>=1.28.0<1.28.1
Envoyproxy Envoy>=1.29.0<1.29.1
Rapid Reset HTTP/2 vulnerability
Microsoft Windows 11=21H2
Microsoft Windows Server 2022
Microsoft Windows 11=22H2
and 556 more
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, the CORS filter will segfault and crash Envoy whe...
Envoyproxy Envoy>=1.23.0<1.23.12
Envoyproxy Envoy>=1.24.0<1.24.10
Envoyproxy Envoy>=1.25.0<1.25.9
Envoyproxy Envoy>=1.26.0<1.26.4
Envoy is an open source edge and service proxy designed for cloud-native applications. Envoy allows mixed-case schemes in HTTP/2, however, some internal scheme checks are case-sensitive. Prior to vers...
Envoyproxy Envoy>=1.23.0<1.23.12
Envoyproxy Envoy>=1.24.0<1.24.10
Envoyproxy Envoy>=1.25.0<1.25.9
Envoyproxy Envoy>=1.26.0<1.26.4
redhat/envoy<1.26.3
redhat/envoy<1.25.8
and 2 more
Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy’s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving `RST_STREAM` immediately followed by the `GOAWA...
redhat/envoy<1.26.3
redhat/envoy<1.25.8
redhat/envoy<1.24.9
redhat/envoy<1.23.11
Envoyproxy Envoy<1.23.11
Envoyproxy Envoy>=1.24.0<1.24.9
and 3 more
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope...
Envoyproxy Envoy>=1.23.0<1.23.12
Envoyproxy Envoy>=1.24.0<1.24.10
Envoyproxy Envoy>=1.25.0<1.25.9
Envoyproxy Envoy>=1.26.0<1.26.4
redhat/envoy<1.26.3
redhat/envoy<1.25.8
and 2 more
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct credentia...
Envoyproxy Envoy>=1.23.0<1.23.12
Envoyproxy Envoy>=1.24.0<1.24.10
Envoyproxy Envoy>=1.25.0<1.25.9
Envoyproxy Envoy>=1.26.0<1.26.4
redhat/envoy<1.26.3
redhat/envoy<1.25.8
and 2 more
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, Envoy does not sanitize or escape request propertie...
Envoyproxy Envoy<1.22.9
Envoyproxy Envoy>=1.23.0<1.23.6
Envoyproxy Envoy>=1.24.0<1.24.4
Envoyproxy Envoy>=1.25.0<1.25.3
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, escalation of privileges is possible when `failure_...
Envoyproxy Envoy<1.22.9
Envoyproxy Envoy>=1.23.0<1.23.6
Envoyproxy Envoy>=1.24.0<1.24.4
Envoyproxy Envoy>=1.25.0<1.25.3
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the OAuth filter assumes that a `state` query param...
Envoyproxy Envoy<1.22.9
Envoyproxy Envoy>=1.23.0<1.23.6
Envoyproxy Envoy>=1.24.0<1.24.4
Envoyproxy Envoy>=1.25.0<1.25.3
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the Lua filter is vulnerable to denial of service. ...
Envoyproxy Envoy<1.22.9
Envoyproxy Envoy>=1.23.0<1.23.6
Envoyproxy Envoy>=1.24.0<1.24.4
Envoyproxy Envoy>=1.25.0<1.25.3
Envoy is an open source edge and service proxy designed for cloud-native applications. Compliant HTTP/1 service should reject malformed request lines. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6,...
Envoyproxy Envoy<1.22.9
Envoyproxy Envoy>=1.23.0<1.23.6
Envoyproxy Envoy>=1.24.0<1.24.4
Envoyproxy Envoy>=1.25.0<1.25.3
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the client may bypass JSON Web Token (JWT) checks a...
Envoyproxy Envoy<1.22.9
Envoyproxy Envoy>=1.23.0<1.23.6
Envoyproxy Envoy>=1.24.0<1.24.4
Envoyproxy Envoy>=1.25.0<1.25.3
Envoy is a cloud-native high-performance edge/middle/service proxy. In versions prior to 1.22.1 if Envoy attempts to send an internal redirect of an HTTP request consisting of more than HTTP headers, ...
Envoyproxy Envoy<1.22.1
A flaw was found in Envoy. The OAuth filter would try to invoke the remaining filters in the chain after emitting a local response, which triggers an ASSERT() in newer versions and corrupts memory on ...
redhat/servicemesh-proxy<0:2.1.3-1.el8
Envoyproxy Envoy<1.22.1
Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter implementation does not include a mechanism for validating access tokens, so by design when the HMAC signed...
redhat/servicemesh-proxy<0:2.1.3-1.el8
Envoyproxy Envoy<1.22.1
Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 decompressors accumulate decompressed data into an intermediate buffer before overwriting the body in the decode/encodeBody....
redhat/Envoy<1.22.1
redhat/Envoy<1.21.3
redhat/Envoy<1.20.4
redhat/Envoy<1.19.5
redhat/servicemesh-proxy<0:2.0.10-1.el8
redhat/servicemesh-proxy<0:2.1.3-1.el8
and 1 more
Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health c...
Envoyproxy Envoy<1.22.1
redhat/servicemesh-proxy<0:2.0.10-1.el8
redhat/servicemesh-proxy<0:2.1.3-1.el8
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions Envoy does not restrict the set of certificates it accepts from the peer, either as a TLS c...
Envoyproxy Envoy<1.18.6
Envoyproxy Envoy>=1.19.0<1.19.3
Envoyproxy Envoy>=1.20.0<1.20.2
Envoy is an open source edge and service proxy, designed for cloud-native applications. The default_validator.cc implementation used to implement the default certificate validation routines has a "typ...
Envoyproxy Envoy<1.20.2
Envoy is an open source edge and service proxy, designed for cloud-native applications. When a cluster is deleted via Cluster Discovery Service (CDS) all idle connections established to endpoints in t...
Envoyproxy Envoy>=1.20.0<1.20.2
Envoyproxy Envoy=1.21.0
redhat/servicemesh-proxy<0:2.0.9-3.el8
redhat/servicemesh-proxy<0:2.1.2-4.el8
Envoy is an open source edge and service proxy, designed for cloud-native applications. The envoy common router will segfault if an internal redirect selects a route configured with direct response or...
redhat/envoy<1.18.6
redhat/envoy<1.19.3
redhat/envoy<1.20.2
redhat/envoy<1.21.1
redhat/servicemesh-proxy<0:2.0.9-3.el8
redhat/servicemesh-proxy<0:2.1.2-4.el8
and 4 more
Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy's tls allows re-use when some cert validation settings have changed from their default configuration. The ...
redhat/envoy<1.18.6
redhat/envoy<1.19.3
redhat/envoy<1.20.2
redhat/envoy<1.21.1
redhat/servicemesh-proxy<0:2.0.9-3.el8
redhat/servicemesh-proxy<0:2.1.2-4.el8
and 4 more
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions of Envoy a crash occurs when configured for :ref:`upstream tunneling <envoy_v3_api_field_ex...
Envoyproxy Envoy<1.18.6
Envoyproxy Envoy>=1.19.0<1.19.3
Envoyproxy Envoy>=1.20.0<1.20.2
Envoyproxy Envoy>=1.21.0<1.21.1
redhat/servicemesh-proxy<0:2.0.9-3.el8
redhat/servicemesh-proxy<0:2.1.2-4.el8
Envoy is an open source edge and service proxy, designed for cloud-native applications. Sending a locally generated response must stop further processing of request or response data. Envoy tracks the ...
redhat/servicemesh-proxy<0:2.0.9-3.el8
redhat/servicemesh-proxy<0:2.1.2-4.el8
Envoyproxy Envoy<1.18.6
Envoyproxy Envoy>=1.19.0<1.19.3
Envoyproxy Envoy>=1.20.0<1.20.2
Envoyproxy Envoy>=1.21.0<1.21.1
Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions a crafted request crashes Envoy when a CONNECT request is sent to JWT filter configured wit...
redhat/servicemesh-proxy<0:2.0.9-3.el8
redhat/servicemesh-proxy<0:2.1.2-4.el8
Envoyproxy Envoy<1.18.6
Envoyproxy Envoy>=1.19.0<1.19.3
Envoyproxy Envoy>=1.20.0<1.20.2
Envoyproxy Envoy>=1.21.0<1.21.1
Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, contains two authorization related vulnerabilities CVE-2021-32777 and CVE-2021-32779. This may lead to incorr...
Envoyproxy Envoy<1.16.5
Envoyproxy Envoy>=1.17.0<1.17.4
Envoyproxy Envoy>=1.18.0<1.18.4
Envoyproxy Envoy=1.19.0
Pomerium Pomerium>=0.11.0<0.14.8
Pomerium Pomerium=0.15.0
Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, can abnormally terminate if an H/2 GOAWAY and SETTINGS frame are received in the same IO event. This can lead...
Envoyproxy Envoy<1.18.4
Envoyproxy Envoy=1.19.0
Pomerium Pomerium=0.15.0
Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilizat...
Envoyproxy Envoy<=1.16.4
Envoyproxy Envoy>=1.17.0<1.17.4
Envoyproxy Envoy>=1.18.0<1.18.4
Envoyproxy Envoy=1.19.0
Pomerium Pomerium<0.14.8
Pomerium Pomerium=0.15.0
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions after Envoy sends a locally generated response it must stop furthe...
Envoyproxy Envoy>=1.16.0<1.16.5
Envoyproxy Envoy>=1.17.0<1.17.4
Envoyproxy Envoy>=1.18.0<1.18.4
Envoyproxy Envoy=1.19.0
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions Envoy transitions a H/2 connection to the CLOSED state when it rec...
Envoyproxy Envoy>=1.18.0<1.18.4
Envoyproxy Envoy=1.19.0
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy’s procedure for resetting a HTTP/2 stream has O(N^2) complex...
Envoyproxy Envoy>=1.16.0<1.16.5
Envoyproxy Envoy>=1.17.0<1.17.4
Envoyproxy Envoy>=1.18.0<1.18.4
Envoyproxy Envoy=1.19.0
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI '#fragment' element as part of the...
Envoyproxy Envoy>=1.16.0<1.16.5
Envoyproxy Envoy>=1.17.0<1.17.4
Envoyproxy Envoy>=1.18.0<1.18.4
Envoyproxy Envoy=1.19.0
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions when ext-authz extension is sending request headers to the externa...
Envoyproxy Envoy>=1.16.0<1.16.5
Envoyproxy Envoy>=1.17.0<1.17.4
Envoyproxy Envoy>=1.18.0<1.18.4
Envoyproxy Envoy=1.19.0
Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences `%2F` and `%5C` in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path wit...
Envoyproxy Envoy<1.15.5
Envoyproxy Envoy>=1.16.0<1.16.4
Envoyproxy Envoy>=1.17.0<1.17.3
Envoyproxy Envoy>=1.18.0<1.18.3
An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion.
Envoyproxy Envoy=1.14.6
Envoyproxy Envoy=1.15.3
Envoyproxy Envoy=1.16.2
Envoyproxy Envoy=1.17.1
redhat/envoyproxy/envoy<1.17.2
An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable integer overflow in which a very large grpc-timeout value leads to unexpected timeout calculations.
Envoyproxy Envoy=1.14.6
Envoyproxy Envoy=1.15.3
Envoyproxy Envoy=1.16.2
Envoyproxy Envoy=1.17.1
redhat/envoyproxy/envoy<1.17.2
An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable NULL pointer dereference and crash in TLS when an unknown TLS alert code is received.
Envoyproxy Envoy=1.16.2
Envoyproxy Envoy=1.17.1
redhat/envoyproxy/envoy<1.17.2
Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy...
Envoyproxy Envoy<1.16.1
IBM Cloud Pak for Security (CP4S)<=1.6.0.1
IBM Cloud Pak for Security (CP4S)<=1.6.0.0
IBM Cloud Pak for Security (CP4S)<=1.5.0.1
IBM Cloud Pak for Security (CP4S)<=1.5.0.0
IBM Cloud Pak for Security (CP4S)<=1.4.0.0
Envoy before 1.16.1 mishandles dropped and truncated datagrams, as demonstrated by a segmentation fault for a UDP packet size larger than 1500.
IBM Cloud Pak for Security (CP4S)<=1.6.0.1
IBM Cloud Pak for Security (CP4S)<=1.6.0.0
IBM Cloud Pak for Security (CP4S)<=1.5.0.1
IBM Cloud Pak for Security (CP4S)<=1.5.0.0
IBM Cloud Pak for Security (CP4S)<=1.4.0.0
Envoyproxy Envoy<1.16.1
Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. Envoy’s setCopy() header map API does not replace all existing occurrences of a non-in...
Envoyproxy Envoy<1.12.7
Envoyproxy Envoy>=1.13.0<1.13.4
Envoyproxy Envoy>=1.14.0<1.14.4
Envoyproxy Envoy>=1.15.0<1.15.1
Envoy master between 2d69e30 and 3b5acb2 may fail to parse request URL that requires host canonicalization.
Envoyproxy Envoy>=2d69e30<3b5acb2
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descriptors and/or memory when accepting too many connections.
Envoyproxy Envoy<=1.12.4
Envoyproxy Envoy>=1.13.0<=1.13.2
Envoyproxy Envoy>=1.14.0<=1.14.2
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs.
Envoyproxy Envoy<=1.12.4
Envoyproxy Envoy=1.13.2
Envoyproxy Envoy=1.14.2
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. 1 byte) data frames.
Envoyproxy Envoy<=1.12.4
Envoyproxy Envoy=1.13.2
Envoyproxy Envoy=1.14.2
Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue. If there is a TCP connection (negotiated with SNI over HTTPS) to *.example.com, a request for a domain concurrently configured expl...
Envoyproxy Envoy<=1.14.1
Istio Istio<=1.5.1

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203