10 matches found
BIT-ENVOY-2026-26330 Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, At the rate limit filter, if the response phase limit with applyonstreamdone in the rate limit configuration is enabled and the response phase limit request fails directly, it may crash Envoy. Whe...
CVE-2026-26330
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, At the rate limit filter, if the response phase limit with applyonstreamdone in the rate limit configuration is enabled and the response phase limit request fails directly, it may crash Envoy. Whe...
CVE-2026-26330
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, At the rate limit filter, if the response phase limit with applyonstreamdone in the rate limit configuration is enabled and the response phase limit request fails directly, it may crash Envoy. Whe...
CVE-2026-26330 Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, At the rate limit filter, if the response phase limit with applyonstreamdone in the rate limit configuration is enabled and the response phase limit request fails directly, it may crash Envoy. Whe...
CVE-2026-26330 Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, At the rate limit filter, if the response phase limit with applyonstreamdone in the rate limit configuration is enabled and the response phase limit request fails directly, it may crash Envoy. Whe...
CVE-2026-26330
CVE-2026-26330 affects Envoy prior to versions 1.37.1, 1.36.5, 1.35.8, and 1.34.13. The issue occurs in the rate limit filter when the response phase limit is enabled and the response phase limit request fails directly, causing a crash due to access to an inner state that is not cleaned up after ...
EUVD-2026-10807
Envoy's global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly...
EUVD-2026-10806
Envoy's global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly...
Envoy's global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly
Summary At the rate limit filter, if we enabled the response phase limit with applyonstreamdone in the rate limit configuration and the response phase limit request fails directly, it may crash Envoy. Details When both the request phase limit and response phase limit are enabled, the safe gRPC...
GHSA-C23C-RP3M-VPG3 Envoy's global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly
Summary At the rate limit filter, if we enabled the response phase limit with applyonstreamdone in the rate limit configuration and the response phase limit request fails directly, it may crash Envoy. Details When both the request phase limit and response phase limit are enabled, the safe gRPC...