EUVD-2021-30704

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Envoy edge proxy crashes with crafted CONNECT request to JWT filter, causing denial of service attack.

Reporter	Title	Published	Views	Family All 21
Circl	CVE-2021-43824	23 Feb 202202:12	–	circl
CNNVD	Envoy 代码问题漏洞	22 Feb 202200:00	–	cnnvd
CVE	CVE-2021-43824	22 Feb 202222:15	–	cve
Cvelist	CVE-2021-43824 Null pointer dereference in envoy	22 Feb 202222:15	–	cvelist
NVD	CVE-2021-43824	22 Feb 202223:15	–	nvd
OSV	BIT-ENVOY-2021-43824 Null pointer dereference in envoy	6 Mar 202410:56	–	osv
OSV	CVE-2021-43824	22 Feb 202223:15	–	osv
OSV	RHSA-2022:1275 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.1.2 security update	16 Sep 202407:28	–	osv
OSV	RHSA-2022:1276 Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.0.9 security update	30 Sep 202414:20	–	osv
Prion	Design/Logic Flaw	22 Feb 202223:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "59fb1033-ad0a-38e3-b642-2b78a6abbdec",
        "vendor": {
          "name": "envoyproxy"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "061e9718-8810-3c3e-be9d-fb6d63111021",
        "product": {
          "name": "envoy"
        },
        "product_version": "1.21.0, < 1.21.1"
      },
      {
        "id": "a5cbe0d3-d56b-3312-9b01-d52c09852bca",
        "product": {
          "name": "envoy"
        },
        "product_version": "1.19.0, < 1.19.3"
      },
      {
        "id": "f4e3ff2b-a027-342d-b123-85a15489fb29",
        "product": {
          "name": "envoy"
        },
        "product_version": "1.20.0, < 1.20.2"
      },
      {
        "id": "fb2094a8-341a-3bac-8754-04a1d6b63b64",
        "product": {
          "name": "envoy"
        },
        "product_version": "< 1.18.6"
      }
    ]
  }
]

Source	Link
suse	www.suse.com/security/cve/CVE-2021-43824.html
access	www.access.redhat.com/errata/RHSA-2022:1275
access	www.access.redhat.com/errata/RHSA-2022:1276
github	www.github.com/envoyproxy/envoy/security/advisories/GHSA-vj5m-rch8-5r2p
github	www.github.com/envoyproxy/envoy/commit/9371333230b1a6e1be2eccf4868771e11af6253a

03 Oct 2025 20:07Current

7.5High risk

Vulners AI Score7.5

CVSS 3.17.5

CVSS 24.3

EPSS0.00125

SSVC