4 matches found
Envoy has an unspecified vulnerability (CNVD-2022-82665)
Envoy is an open source distributed proxy server. security vulnerability exists in versions prior to Envoy 1.22.1, which stems from secompressors accumulating decompressed data into an intermediate buffer before overwriting the body in decode/encodeBody, which can be exploited by attackers to...
Envoy has an unspecified vulnerability (CNVD-2022-82668)
Envoy is an open source distributed proxy server.A security vulnerability exists in versions of Envoy prior to 1.22.1, which stems from the fact that OAuth filters will attempt to invoke the remaining filters in the chain after issuing a local response. No detailed vulnerability details are...
Envoy Trust Management Issue Vulnerability (CNVD-2022-15535)
Envoy is an open source distributed proxy server. Envoy is vulnerable to a trust management issue, which stems from the fact that Envoy's tls allows certain certificate authentication settings to be reused after they have been changed from their default configuration. No detailed vulnerability...
Envoy integer overflow vulnerability
Envoy is an open source distributed proxy server. versions prior to Envoy 1.71.1 are vulnerable to integer overflow, which can be exploited by an attacker with an excessive grpc-timeout value to cause an unexpected timeout calculation...