CVE-2026-32811

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. When using Heimdall in envoy gRPC decision API mode with versions 0.7.0-alpha through 0.17.10, wrong encoding of the query URL string allows rules with non-wildcard path expressions to be bypassed. Envoy splits t...

CVE-2023-27488 Envoy gRPC client produces invalid protobuf when an HTTP header with non-UTF8 value is received.

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, escalation of privileges is possible when failuremodeallow: true is configured for extauthz filter. For affected components that are used for loggin...