Filters
Envoyproxy EnvoyEnvoy vulnerable to OAuth2 credentials exploit with permanent validity
9.8
First published (updated )
Envoyproxy EnvoyEnvoy doesn't escape HTTP header values
9.1
First published (updated )
Envoyproxy EnvoyEnvoy gRPC client produces invalid protobuf when an HTTP header with non-UTF8 value is received.
9.8
First published (updated )
Envoyproxy EnvoyEnvoy forwards invalid Http2/Http3 downstream headers
9.1
First published (updated )
Envoyproxy EnvoyEnvoy client may fake the header `x-envoy-original-path`
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/servicemesh-proxyTrivial authentication bypass in Envoy
10
First published (updated )
redhat/envoyIncorrect configuration handling allows TLS session re-use without re-validation in Envoy
9.8
First published (updated )
Envoyproxy EnvoyMalformed request header may cause route matchers or access controls to be bypassed, resulting in es…
9.8
First published (updated )
Envoyproxy EnvoyAn untrusted remote client may send HTTP/2 requests that write to the heap outside of the request bu…
9.8
First published (updated )
go/github.com/envoyproxy/envoyEnvoy 1.9.0 and before does not normalize HTTP URL paths. A remote attacker may craft a relative pat…
10
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.