Amazon Linux 2 : ecs-service-connect-agent, --advisory ALAS2ECS-2026-100 (ALASECS-2026-100)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.34.13.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-100 advisory. Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and...

Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2026-1532)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1532 advisory. Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, the Envoy RBAC Role-Based Access Control filter contains a logic vulnerability in how it...

Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...

Important: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native, open source edge and service proxy. A theoretical request smuggling vulnerability exists through Envoy if a server can be tricked into adding an upgrade header into a response. Per RFC https://www.rfc-editor.org/rfc/rfc7230section-6.7 a server sends 101 wh...

CVE-2021-39206 Incorrect Authorization with specially crafted requests

Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, contains two authorization related vulnerabilities CVE-2021-32777 and CVE-2021-32779. This may lead to incorrect routing or authorization policy decisions. With specially crafted requests, incorrect...