Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:3 a.m.7 views

CVE-2024-39305

Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...

9.1CVSS6.8AI score0.00647EPSS
Exploits0References1
OSV
OSV
added 2024/07/03 7:17 a.m.32 views

BIT-ENVOY-2024-39305 Envoy Proxy use after free when route hash policy is configured with cookie attributes

Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...

9.1CVSS6.5AI score0.00647EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/07/01 9:10 p.m.40 views

CVE-2024-39305 Envoy Proxy use after free when route hash policy is configured with cookie attributes

Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...

6.5CVSS0.00647EPSS
Exploits0References5
OSV
OSV
added 2024/07/01 9:10 p.m.16 views

CVE-2024-39305 Envoy Proxy use after free when route hash policy is configured with cookie attributes

Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...

6.5CVSS6.6AI score0.00647EPSS
Exploits0References7
CVE
CVE
added 2024/07/01 9:10 p.m.68 views

CVE-2024-39305

Envoy vulnerability CVE-2024-39305: In versions prior to 1.30.4, 1.29.7, 1.28.5, and 1.27.7, there is a use-after-free when route hash policy is configured with cookie attributes. During request processing Envoy may copy content from de-allocated memory into the request cookie header, potentially...

9.1CVSS6.6AI score0.00647EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder