Lucene search
K

92 matches found

RedhatCVE
RedhatCVE
added 4 days ago6 views

CVE-2026-47221

A flaw was found in Envoy. An unauthenticated attacker can exploit a null pointer dereference vulnerability in the router filter. This occurs when handling HTTP 303 See Other internal redirects for body-less non-GET/HEAD requests. By sending a POST, PUT, DELETE, or PATCH request without a body to...

7.5CVSS5.6AI score0.00445EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 4 days ago5 views

CVE-2026-48042

A flaw was found in Envoy, an open-source edge and service proxy. A remote attacker could exploit this vulnerability by sending deeply nested JSON objects to the affected system. This could lead to a stack overflow during the destruction of JSON objects, resulting in a Denial of Service DoS for t...

7.5CVSS5.7AI score0.00557EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 4 days ago8 views

CVE-2026-47204

A flaw was found in Envoy, an open source edge and service proxy. A remote attacker can exploit this vulnerability by sending a specially crafted Connect protocol request to a direct response route. This action causes the envoy.filters.http.grpcstats filter to crash, leading to a denial of servic...

7.5CVSS5.7AI score0.00448EPSS
Exploits1References4
NVD
NVD
added 2026/06/26 7:16 p.m.8 views

CVE-2026-48090

Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter envoy.filters.http.oauth2 can leave an in-flight async token exchange attached to a downstream stream that has already been torn down. A late...

5.9CVSS0.00579EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 6:17 p.m.4 views

CVE-2026-48743

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, Envoy can translate a downstream HTTP/3 request that is complete at the transport layer HEADERS with FIN / headers-only close but still carries a nonzero...

7.5CVSS0.00298EPSS
Exploits1References1
NVD
NVD
added 2026/06/26 6:16 p.m.8 views

CVE-2026-47775

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, the OAuth2 HTTP filter's encrypt/decrypt functions use AES-256-CBC without an authentication tag no HMAC, no AEAD. The /callback endpoint returns HTTP 302 on...

6.8CVSS0.00219EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/26 5:29 p.m.33 views

CVE-2026-48042 Envoy: Stack overflow in destructor of highly nested JSON

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, destructor of JSON Object results in stack overflow when deeply O100K nested objects are present. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1...

7.5CVSS0.00557EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.12 views

PT-2026-52889

Name of the Vulnerable Software and Affected Versions Envoy versions 1.23.0 through 1.35.10 Envoy versions 1.36.0 through 1.36.6 Envoy versions 1.37.0 through 1.37.2 Envoy versions 1.38.0 through 1.38.0 Description A flaw exists in the zstd decompressor implementation ZstdDecompressorImpl. When...

7.5CVSS5.7AI score0.00486EPSS
Exploits1References19
OSV
OSV
added 2026/06/22 5:40 a.m.3 views

BIT-ENVOY-2026-47774 Envoy vulnerable to HTTP/2 memory exhaustion via cookie header size bypass and HPACK amplification

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentiall...

7.5CVSS6AI score0.00708EPSS
Exploits0References3
Amazon
Amazon
added 2026/06/22 12:0 a.m.10 views

Important: ecs-service-connect-agent

Issue Overview: A denial-of-service vulnerability was found in Envoy's HTTP/2 HPACK header compression implementation. A remote attacker could send a specially crafted HTTP/2 request that triggers disproportionately large memory allocations on the server, leading to resource exhaustion and denial...

7.5CVSS6.2AI score0.00708EPSS
Exploits0
CVE
CVE
added 2026/06/17 4:58 p.m.125 views

CVE-2026-47774

CVE-2026-47774 affects Envoy prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1. A vulnerability in HTTP/2 downstream request processing combines two issues: (1) cookie header bytes are not fully accounted for during request header size validation, and (2) HPACK header limits are enforced on e...

7.5CVSS5.8AI score0.00708EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/17 4:58 p.m.10 views

EUVD-2026-37765

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a vulnerability in Envoy's HTTP/2 downstream request processing allows an unauthenticated remote client to trigger excessive memory consumption, potentiall...

7.5CVSS5.8AI score0.00708EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2026/06/03 8:33 a.m.31 views

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The vulnerability has been codenamed HTTP/2 Bomb by Calif. "The vulnerable behavior exists in each server's...

7.5CVSS6AI score0.48438EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.13 views

Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2026-1603)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1603 advisory. Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized...

7.5CVSS6.9AI score0.16212EPSS
Exploits2References12
EUVD
EUVD
added 2026/04/25 7:0 p.m.11 views

EUVD-2026-25670

A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/headermutation/headermutation.cc of the component Query Parameter Handler. This manipulation causes injection. Remote exploitation of the attack is possible. Patch...

6.5CVSS6.3AI score0.00228EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/25 7:0 p.m.9 views

CVE-2026-6994

A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/headermutation/headermutation.cc of the component Query Parameter Handler. This manipulation causes injection. Remote exploitation of the attack is possible. Patch...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.6 views

Envoy 资源管理错误漏洞

Envoy is an open-source gateway program developed by Enphase for connecting smart home devices. Versions of Envoy prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13 contain a resource management vulnerability. This vulnerability stems from logical flaws in the HTTP connection manager, which may lead to...

5.9CVSS5.8AI score0.00337EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/10 12:0 a.m.7 views

Envoy 输入验证错误漏洞

Envoy is an open-source gateway program developed by Enphase for connecting smart home devices. Versions of Envoy prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13 contained a vulnerability related to input validation errors. This vulnerability occurred when the Utility::getAddressWithPort function wa...

7.5CVSS5.8AI score0.00388EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2025/12/05 6:14 p.m.9 views

Envoy's TLS certificate matcher for `match_typed_subject_alt_names` may incorrectly treat certificates containing an embedded null byte

Summary Envoy’s mTLS certificate matcher for matchtypedsubjectaltnames may incorrectly treat certificates containing an embedded null byte \0 inside an OTHERNAME SAN value as valid matches. Details This occurs when the SAN is encoded as a BMPSTRING or UNIVERSALSTRING, and its UTF-8 conversion...

7.1CVSS6.9AI score0.00164EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2025/12/03 12:0 a.m.4 views

Envoy 安全漏洞

Envoy is an Enphase open source gateway program for connecting smart home devices. A security vulnerability exists in Envoy versions 1.33.12, 1.34.10, 1.35.6, 1.36.2, and prior versions, which stems from a state desynchronization issue when processing CONNECT requests in TCP proxy mode...

5.3CVSS6.5AI score0.00282EPSS
Exploits0References2
Rows per page
Query Builder