Lucene search

PRIOn knowledge basePRION:CVE-2023-35944

HistoryJul 25, 2023 - 7:15 p.m.

Design/Logic Flaw

2023-07-2519:15:00

PRIOn knowledge base

www.prio-n.com

envoy

edge proxy

service proxy

case-sensitive

scheme checks

http/2

mixed-case

requests

rejection

bypass

fix

versions

6.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.9%

JSON

Envoy is an open source edge and service proxy designed for cloud-native applications. Envoy allows mixed-case schemes in HTTP/2, however, some internal scheme checks are case-sensitive. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, this can lead to the rejection of requests with mixed-case schemes such as htTp or htTps, or the bypassing of some requests such as https in unencrypted connections. With a fix in versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, Envoy will now lowercase scheme values by default, and change the internal scheme checks that were case-sensitive to be case-insensitive. There are no known workarounds for this issue.

CPENameOperatorVersion
envoyge1.24.0
envoylt1.24.10
envoyge1.25.0
envoylt1.25.9
envoyge1.26.0
envoylt1.26.4
envoyge1.23.0
envoylt1.23.12

Name	Operator	Version
envoy	ge	1.24.0
envoy	lt	1.24.10
envoy	ge	1.25.0
envoy	lt	1.25.9
envoy	ge	1.26.0
envoy	lt	1.26.4
envoy	ge	1.23.0
envoy	lt	1.23.12

References

github.com/envoyproxy/envoy/security/advisories/GHSA-pvgm-7jpg-pw5g