27 matches found
CVE-2026-47207
CVE-2026-47207 : Envoy crashes when an ext_proc server sends a single gRPC message containing multiple ProcessingResponse messages, leading to a use-after-free during processing of subsequent responses. Affected: Envoy versions 1.34.0 through 1.35.12 (as 1.35.13 fixes the issue) and 1.36.0–1.36.8...
PT-2026-52882
Name of the Vulnerable Software and Affected Versions Envoy versions 1.26.0 through 1.35.12 Envoy versions 1.36.0 through 1.36.8 Envoy versions 1.37.0 through 1.37.4 Envoy versions 1.38.0 through 1.38.2 Description The envoy.filters.http.grpc stats filter is subject to a null pointer dereference,...
Medium: ecs-service-connect-agent
Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...
CVE-2026-26310
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, calling Utility::getAddressWithPort with a scoped IPv6 addresses causes a crash. This utility is called in the data plane from the originalsrc filter and the dns filter. This vulnerability is fixe...
CVE-2026-26330
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, At the rate limit filter, if the response phase limit with applyonstreamdone in the rate limit configuration is enabled and the response phase limit request fails directly, it may crash Envoy. Whe...
CVE-2026-26310 Crash for scoped ip address in Envoy during DNS
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, calling Utility::getAddressWithPort with a scoped IPv6 addresses causes a crash. This utility is called in the data plane from the originalsrc filter and the dns filter. This vulnerability is fixe...
CVE-2026-26310 Crash for scoped ip address in Envoy during DNS
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, calling Utility::getAddressWithPort with a scoped IPv6 addresses causes a crash. This utility is called in the data plane from the originalsrc filter and the dns filter. This vulnerability is fixe...
EUVD-2025-201100
Envoy crashes when JWT authentication is configured with the remote JWKS fetching...
CVE-2025-64527 Envoy crashes when JWT authentication is configured with the remote JWKS fetching
Envoy is a high-performance edge/middle/service proxy. In 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier, Envoy crashes when JWT authentication is configured with the remote JWKS fetching, allowmissingorfailed is enabled, multiple JWT tokens are present in the request headers and the JWKS fetch...
PT-2025-48969
Name of the Vulnerable Software and Affected Versions Envoy versions 1.33.12 through 1.36.2 Description Envoy, a high-performance edge/middle/service proxy, experiences crashes when JWT authentication is configured with remote JWKS fetching enabled, allow missing or failed is set to true, multipl...
EUVD-2024-20840
Malicious code in bioql PyPI...
EUVD-2024-34736
Malicious code in bioql PyPI...
GHSA-CF3Q-GQG7-3FM9 Envoy crashes when HTTP ext_proc processes local replies
Summary Envoy's extproc HTTP filter is at risk of crashing if a local reply is sent to the external server due to the filter's life time issue. A known situation is the fail of a websocket handshake will trigger a local reply leading to the crash of Envoy. PoC If both websocket and extproc are...
Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2025-047)
The version of ecs-service-connect-agent installed on the remote host is prior to v1.29.12.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-047 advisory. Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError...
Important: ecs-service-connect-agent
Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError is going to assume the active request exists when envoy.loadshedpoints.http1serverabortdispatch is configured. If activerequest is nullptr, only onMessageBeginImpl is called...
Important: ecs-service-connect-agent
Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError is going to assume the active request exists when envoy.loadshedpoints.http1serverabortdispatch is configured. If activerequest is nullptr, only onMessageBeginImpl is called...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.5
Red Hat OpenShift Service Mesh Containers for 2.6.5 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift...
SUSE CVE-2024-53270
Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError is going to assume the active request exists when envoy.loadshedpoints.http1serverabortdispatch is configured. If activerequest is nullptr, only onMessageBeginImpl is called. However, the...
CVE-2024-53270 HTTP/1: sending overload crashes when the request is reset beforehand in envoy
Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError is going to assume the active request exists when envoy.loadshedpoints.http1serverabortdispatch is configured. If activerequest is nullptr, only onMessageBeginImpl is called. However, the...
CVE-2024-53270 HTTP/1: sending overload crashes when the request is reset beforehand in envoy
Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError is going to assume the active request exists when envoy.loadshedpoints.http1serverabortdispatch is configured. If activerequest is nullptr, only onMessageBeginImpl is called. However, the...