27 matches found

CVE
added last week, 12 views

CVE-2026-47207

CVE-2026-47207 : Envoy crashes when an ext_proc server sends a single gRPC message containing multiple ProcessingResponse messages, leading to a use-after-free during processing of subsequent responses. Affected: Envoy versions 1.34.0 through 1.35.12 (as 1.35.13 fixes the issue) and 1.36.0–1.36.8...

CVSS 6.5, AI score 5.7, EPSS 0.00444
Exploits: 1, References: 1, Affected Software: 1
Positive Technologies
added 2026/06/26 12:0 a.m., 10 views

PT-2026-52882

Name of the Vulnerable Software and Affected Versions: Envoy versions 1.26.0 through 1.35.12; Envoy versions 1.36.0 through 1.36.8; Envoy versions 1.37.0 through 1.37.4; Envoy versions 1.38.0 through 1.38.2. Description: The envoy.filters.http.grpc_stats filter is subject to a null pointer dereference,...

CVSS 7.5, AI score 5.7, EPSS 0.00448
Exploits: 1, References: 3
Amazon
added 2026/05/09 12:0 a.m., 16 views

Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...

CVSS 7.5, AI score 7.2, EPSS 0.16212
Exploits: 2
RedhatCVE
added 2026/03/26 3:6 p.m., 4 views

CVE-2026-26310

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, calling Utility::getAddressWithPort with a scoped IPv6 address causes a crash. This utility is called in the data plane from the original_src filter and the dns filter. This vulnerability is fixe...

CVSS 7.5, AI score 5.8, EPSS 0.00388
Exploits: 1, References: 1
ATTACKERKB
added 2026/03/10 7:19 p.m., 5 views

CVE-2026-26330

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, at the rate limit filter, if the response phase limit with apply_on_stream_done in the rate limit configuration is enabled and the response phase limit request fails directly, it may crash Envoy. Whe...

CVSS 5.3, AI score 5.8, EPSS 0.00315
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2026/03/10 7:8 p.m., 25 views

CVE-2026-26310 Crash for scoped ip address in Envoy during DNS

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, calling Utility::getAddressWithPort with a scoped IPv6 address causes a crash. This utility is called in the data plane from the original_src filter and the dns filter. This vulnerability is fixe...

CVSS 5.9, EPSS 0.00388
Exploits: 1, References: 1
OSV
added 2026/03/10 7:8 p.m., 6 views

CVE-2026-26310 Crash for scoped ip address in Envoy during DNS

Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, calling Utility::getAddressWithPort with a scoped IPv6 address causes a crash. This utility is called in the data plane from the original_src filter and the dns filter. This vulnerability is fixe...

CVSS 5.9, AI score 5.8, EPSS 0.00388
Exploits: 1, References: 3
EUVD
added 2025/12/05 6:12 p.m., 6 views

EUVD-2025-201100

Envoy crashes when JWT authentication is configured with the remote JWKS fetching...

CVSS 6.5, AI score 6.7, EPSS 0.00497
Exploits: 1, References: 2
Vulnrichment
added 2025/12/03 6:4 p.m., 2 views

CVE-2025-64527 Envoy crashes when JWT authentication is configured with the remote JWKS fetching

Envoy is a high-performance edge/middle/service proxy. In 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier, Envoy crashes when JWT authentication is configured with the remote JWKS fetching, allow_missing_or_failed is enabled, multiple JWT tokens are present in the request headers and the JWKS fetch...

CVSS 6.5, AI score 6.8, EPSS 0.00497
Exploits: 1, References: 1
Positive Technologies
added 2025/12/03 12:0 a.m., 8 views

PT-2025-48969

Name of the Vulnerable Software and Affected Versions: Envoy versions 1.33.12 through 1.36.2. Description: Envoy, a high-performance edge/middle/service proxy, experiences crashes when JWT authentication is configured with remote JWKS fetching enabled, allow missing or failed is set to true, multipl...

CVSS 6.5, AI score 6.9, EPSS 0.00497
Exploits: 1, References: 10
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2024-20840

Malicious code in bioql PyPI...

CVSS 7.5, AI score 6.6, EPSS 0.00751
Exploits: 0, References: 2
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2024-34736

Malicious code in bioql PyPI...

CVSS 7.5, AI score 7.6, EPSS 0.00674
Exploits: 1, References: 1
OSV
added 2025/03/21 3:23 p.m., 10 views

GHSA-CF3Q-GQG7-3FM9 Envoy crashes when HTTP ext_proc processes local replies

Summary: Envoy's ext_proc HTTP filter is at risk of crashing if a local reply is sent to the external server, due to a lifetime issue in the filter. A known case: a failed websocket handshake triggers a local reply, which crashes Envoy. PoC: If both websocket and ext_proc are...

CVSS 6.5, AI score 7, EPSS 0.00406
Exploits: 0, References: 4
Tenable Nessus
added 2025/02/26 12:0 a.m., 10 views

Amazon Linux 2 : ecs-service-connect-agent (ALASECS-2025-047)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.29.12.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-047 advisory. Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError...

CVSS 7.5, AI score 7.2, EPSS 0.00687
Exploits: 1, References: 4
Amazon
added 2025/02/25 12:0 a.m., 7 views

Important: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError is going to assume the active request exists when envoy.load_shed_points.http1_server_abort_dispatch is configured. If active_request is nullptr, only onMessageBeginImpl is called...

CVSS 7.5, AI score 6.8, EPSS 0.00687
Exploits: 1
Amazon
added 2025/02/21 12:0 a.m., 12 views

Important: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError is going to assume the active request exists when envoy.load_shed_points.http1_server_abort_dispatch is configured. If active_request is nullptr, only onMessageBeginImpl is called...

CVSS 7.5, AI score 6.8, EPSS 0.00687
Exploits: 1
RedHat Linux
added 2025/02/05 9:4 a.m., 14 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.5

Red Hat OpenShift Service Mesh Containers for 2.6.5. This update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift...

CVSS 7.5, AI score 6.7, EPSS 0.00856
Exploits: 1, References: 4
SUSE CVE
added 2024/12/21 12:19 a.m., 2 views

SUSE CVE-2024-53270

Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError is going to assume the active request exists when envoy.load_shed_points.http1_server_abort_dispatch is configured. If active_request is nullptr, only onMessageBeginImpl is called. However, the...

CVSS 7.5, AI score 6.8, EPSS 0.00687
Exploits: 1, References: 3
Cvelist
added 2024/12/18 7:12 p.m., 19 views

CVE-2024-53270 HTTP/1: sending overload crashes when the request is reset beforehand in envoy

Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError is going to assume the active request exists when envoy.load_shed_points.http1_server_abort_dispatch is configured. If active_request is nullptr, only onMessageBeginImpl is called. However, the...

CVSS 7.5, EPSS 0.00687
Exploits: 1, References: 2
OSV
added 2024/12/18 7:12 p.m., 4 views

CVE-2024-53270 HTTP/1: sending overload crashes when the request is reset beforehand in envoy

Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions sendOverloadError is going to assume the active request exists when envoy.load_shed_points.http1_server_abort_dispatch is configured. If active_request is nullptr, only onMessageBeginImpl is called. However, the...

CVSS 7.5, AI score 7.2, EPSS 0.00687
Exploits: 1, References: 4