Filter
Red Hat OpenShift Service MeshEnvoyproxy: openshift service mesh 2.6.3 and 2.5.6 envoy header handling allows log injection and potential spoofing
4.3
First published (updated )
Envoy ProxyHTTP/1: sending overload crashes when the request is reset beforehand in envoy
7.5
First published (updated )
Envoy ProxyEnvoy Admin Interface Exposed through prometheus metrics endpoint
7.1
EPSS
0.04%
First published (updated )
Envoy ProxyHTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Envoy ProxyHappy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting in envoy
4.5
First published (updated )
Envoy EnvoyEnvoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envo…
First published (updated )
Envoy ProxyEnvoy is a cloud-native high-performance edge/middle/service proxy. Envoy will crash when the http a…
First published (updated )
Envoy EnvoyEnvoy is a cloud-native high-performance edge/middle/service proxy. A vulnerability has been identif…
First published (updated )
Envoy EnvoyA flaw was found in Envoy. It is possible to modify/manipulate headers from external clients when pa…
7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Envoy PassportEnvoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sens…
5.5
First published (updated )
Envoy ProxyUpload of encrypted packages allows authenticated command execution in Enphase IQ Gateway v4.x and v5.x
8.6
First published (updated )
Envoy PassportEnvoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sens…
7.8
First published (updated )
Envoy ProxyEnvoy Proxy use after free when route hash policy is configured with cookie attributes
6.5
First published (updated )
Envoy EnvoyHTTP/2: memory exhaustion due to CONTINUATION frame flood
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Envoy security releases [1.29.3, 1.28.2, 1.27.4, 1.26.8] are now available
First published (updated )
CVE-2023-44487: HTTP/2 Rapid Reset attack against many implementations
First published (updated )
Envoy ProxyThe header x-envoy-original-path should be an internal header, but Envoy does not remove this heade…
7
First published (updated )
Envoy EnvoyIf Envoy is running with the OAuth filter enabled exposed, a malicious actor could construct a reque…
First published (updated )
Envoy ProxyIf origin header is configured to be removed with request_headers_to_remove: origin, CORS filter wil…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Envoy EnvoyA flaw was found in Envoy 1.9.0 and older. Envoy does not normalize HTTP URL paths. A remote attacke…
7
First published (updated )
Envoy EnvoyA flaw was found in Envoy 1.9.0 and older. When parsing HTTP/1.x header values, Envoy does not rejec…
7
First published (updated )