11 matches found
Use-After-Free
github.com/envoyproxy/envoy is vulnerable to a Use-After-Free. The vulnerability is due to improper handling of DNS cache operations in the Dynamic Forward Proxy implementation, where a completion callback can trigger new or remove existing DNS resolutions, which allows an attacker to cause...
EUVD-2025-26470
Malicious code in bioql PyPI...
GHSA-G9VW-6PVX-7GMW Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Summary: A use-after-free (UAF) vulnerability in Envoy's DNS cache causes abnormal process termination. Envoy may reallocate memory when processing a pending DNS resolution, causing a list iterator to reference freed memory. Details: The vulnerability exists in Envoy's Dynamic Forward Proxy...
Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Summary: A use-after-free (UAF) vulnerability in Envoy's DNS cache causes abnormal process termination. Envoy may reallocate memory when processing a pending DNS resolution, causing a list iterator to reference freed memory. Details: The vulnerability exists in Envoy's Dynamic Forward Proxy...
SUSE CVE-2025-54588
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free (UAF) vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
BIT-ENVOY-2025-54588 Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free (UAF) vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-54588
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free (UAF) vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-54588 Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free (UAF) vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-54588 Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free (UAF) vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-54588
Envoy DNS cache use-after-free in the Dynamic Forward Proxy (DFP) → triggers when a DNS resolution callback fires new resolutions or cancels existing ones, under specific conditions (DFP-enabled, envoy.reloadable_features.dfp_cluster_resolves_hosts enabled, and Host header modified between Dynami...
PT-2025-35643
Name of the Vulnerable Software and Affected Versions: Envoy versions 1.34.0 through 1.34.4; Envoy version 1.35.0. Description: Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Affected versions contain a use-after-free (UAF) vulnerabili...