2 matches found
CVE-2026-26311
CVE-2026-26311 affects Envoy releases prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13. The issue is a logic vulnerability in the HTTP connection manager (FilterManager) where, after an HTTP/2 stream reset, the code may invoke filter callbacks on a stream that is already logically cleaned up, creatin...
CVE-2026-26309 Envoy has an off-by-one write in JsonEscaper::escapeString()
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, an off-by-one write in Envoy::JsonEscaper::escapeString can corrupt std::string null-termination, causing undefined behavior and potentially leading to crashes or out-of-bounds reads when the...