5 matches found
CVE-2024-39305
Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...
BIT-ENVOY-2024-39305 Envoy Proxy use after free when route hash policy is configured with cookie attributes
Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...
CVE-2024-39305 Envoy Proxy use after free when route hash policy is configured with cookie attributes
Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...
CVE-2024-39305 Envoy Proxy use after free when route hash policy is configured with cookie attributes
Envoy is a cloud-native, open source edge and service proxy. Prior to versions 1.30.4, 1.29.7, 1.28.5, and 1.27.7. Envoy references already freed memory when route hash policy is configured with cookie attributes. Note that this vulnerability has been fixed in the open as the effect would be...
CVE-2024-39305
Envoy vulnerability CVE-2024-39305: In versions prior to 1.30.4, 1.29.7, 1.28.5, and 1.27.7, there is a use-after-free when route hash policy is configured with cookie attributes. During request processing Envoy may copy content from de-allocated memory into the request cookie header, potentially...