3 matches found
EUVD-2026-10803
Envoy is a high-performance edge/middle/service proxy. Prior to 1.37.1, 1.36.5, 1.35.8, and 1.34.13, calling Utility::getAddressWithPort with a scoped IPv6 addresses causes a crash. This utility is called in the data plane from the originalsrc filter and the dns filter. This vulnerability is fixe...
CVE-2026-26310
Envoy (the Envoy proxy) has a vulnerability CVE-2026-26310 where calling Utility::getAddressWithPort with scoped IPv6 addresses can crash the data plane via original_src/dns filters. Affected pre-1.37.1 releases (and some older branches) are fixed in versions 1.37.1, 1.36.5, 1.35.8, and 1.34.13. ...
PT-2026-24615
Summary Calling Utility::getAddressWithPort with a scoped IPv6 addresses causes a crash. This utility is called in the data plane from the original src filter and the dns filter. Details The crashing function is Utility::getAddressWithPort. The crash occurs if a string containing a scoped IPv6...