Envoy edge proxy allows mixed-case schemes in HTTP/2, leading to scheme rejection or request bypass prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 CVE-2023-35944
Reporter | Title | Published | Views | Family All 24 |
---|---|---|---|---|
![]() | CVE-2023-35944 | 25 Jul 202319:15 | – | cve |
![]() | CVE-2023-35944 | 26 Jul 202316:47 | – | redhatcve |
![]() | CVE-2023-35944 Envoy vulnerable to incorrect handling of HTTP requests and responses with mixed case schemes | 25 Jul 202318:35 | – | vulnrichment |
![]() | Design/Logic Flaw | 25 Jul 202319:15 | – | prion |
![]() | CVE-2023-35944 | 25 Jul 202319:15 | – | nvd |
![]() | Authentication Bypass | 27 Jul 202309:42 | – | veracode |
![]() | BIT-envoy-2023-35944 | 6 Mar 202410:52 | – | osv |
![]() | CVE-2023-35944 Envoy vulnerable to incorrect handling of HTTP requests and responses with mixed case schemes | 25 Jul 202318:35 | – | cvelist |
![]() | Oracle Linux 7 : istio (ELSA-2023-12781) | 8 Sep 202300:00 | – | nessus |
![]() | Oracle Linux 8 : istio (ELSA-2023-12780) | 8 Sep 202300:00 | – | nessus |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo