175 matches found
EUVD-2018-17302
Malware in sbrugna...
EUVD-2024-31971
Malicious code in bioql PyPI...
EUVD-2025-26470
Malicious code in bioql PyPI...
EUVD-2022-28127
Malicious code in bioql PyPI...
EUVD-2025-24640
Malicious code in bioql PyPI...
EUVD-2021-31073
Malicious code in bioql PyPI...
GHSA-G9VW-6PVX-7GMW Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Summary A use-after-free UAF vulnerability in Envoy's DNS cache causes abnormal process termination. Envoy may reallocate memory when processing a pending DNS resolution, causing list iterator to reference freed memory. Details The vulnerability exists in Envoy's Dynamic Forward Proxy...
Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Summary A use-after-free UAF vulnerability in Envoy's DNS cache causes abnormal process termination. Envoy may reallocate memory when processing a pending DNS resolution, causing list iterator to reference freed memory. Details The vulnerability exists in Envoy's Dynamic Forward Proxy...
SUSE CVE-2025-54588
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free UAF vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
BIT-ENVOY-2025-54588 Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free UAF vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-54588
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free UAF vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-54588 Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free UAF vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-54588 Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Versions 1.34.0 through 1.34.4 and 1.35.0 contain a use-after-free UAF vulnerability in the DNS cache, causing abnormal process termination. The vulnerability is in Envoy's Dynamic...
CVE-2025-54588
Envoy DNS cache use-after-free in the Dynamic Forward Proxy (DFP) → triggers when a DNS resolution callback fires new resolutions or cancels existing ones, under specific conditions (DFP-enabled, envoy.reloadable_features.dfp_cluster_resolves_hosts enabled, and Host header modified between Dynami...
PT-2025-35643
Name of the Vulnerable Software and Affected Versions: Envoy versions 1.34.0 through 1.34.4 Envoy version 1.35.0 Description: Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. Affected versions contain a use-after-free UAF vulnerabili...
CVE-2025-52585
When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman ADH ciphers enabled, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical...
CVE-2025-52585
When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman ADH ciphers enabled, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical...
CVE-2025-52585
When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman ADH ciphers enabled, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical...
CVE-2025-52585 BIG-IP Client SSL profile vulnerability
When a BIG-IP LTM Client SSL profile is configured on a virtual server with SSL Forward Proxy enabled and Anonymous Diffie-Hellman ADH ciphers enabled, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical...
CVE-2025-52585
CVE-2025-52585 affects BIG-IP BIG-IP LTM Client SSL profile when SSL Forward Proxy is enabled and ADH ciphers are active. Undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate, disrupting traffic (DoS) with remote unauthenticated access. Supported advisories indicat...