Lucene search

K
EnvoyproxyEnvoy

83 matches found

CVE
CVE
added 2023/10/10 2:15 p.m.4474 views

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

7.5CVSS8AI score0.9441EPSS
CVE
CVE
added 2023/07/25 7:15 p.m.2510 views

CVE-2023-35942

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a use-after-free crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1....

6.5CVSS7.8AI score0.00016EPSS
CVE
CVE
added 2024/02/09 11:15 p.m.210 views

CVE-2024-23322

Envoy is a high-performance edge/middle/service proxy. Envoy will crash when certain timeouts happen within the same interval. The crash occurs when the following are true: 1. hedge_on_per_try_timeout is enabled, 2. per_try_idle_timeout is enabled (it can only be done in configuration), 3. per-try-...

7.5CVSS7.3AI score0.0006EPSS
CVE
CVE
added 2023/07/13 9:15 p.m.193 views

CVE-2023-35945

Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy’s HTTP/2 codec may leak a header map and bookkeeping structures upon receiving RST_STREAM immediately followed by the GOAWAY frames from an upstream server. In nghttp2, cleanup of pending requests due to receipt of the GOAWAY...

7.5CVSS7.4AI score0.00095EPSS
CVE
CVE
added 2019/11/11 1:15 a.m.177 views

CVE-2019-18836

Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continue_on_listener_filters_timeout is used."

7.5CVSS7.2AI score0.00155EPSS
CVE
CVE
added 2019/12/13 1:15 p.m.163 views

CVE-2019-18802

An issue was discovered in Envoy 1.12.0. An untrusted remote client may send an HTTP header (such as Host) with whitespace after the header content. Envoy will treat "header-value " as a different string from "header-value" so for example with the Host header "example.com " one could bypass "exampl...

9.8CVSS9.2AI score0.00045EPSS
CVE
CVE
added 2023/04/04 4:15 p.m.148 views

CVE-2023-27487

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the client may bypass JSON Web Token (JWT) checks and forge fake original paths. The header x-envoy-original-path should be an internal header, but En...

9.1CVSS8.7AI score0.00024EPSS
CVE
CVE
added 2023/04/04 8:15 p.m.147 views

CVE-2023-27493

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, Envoy does not sanitize or escape request properties when generating request headers. This can lead to characters that are illegal in header values to...

9.1CVSS8.7AI score0.00011EPSS
CVE
CVE
added 2023/04/04 7:15 p.m.146 views

CVE-2023-27492

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the Lua filter is vulnerable to denial of service. Attackers can send large request bodies for routes that have Lua filter enabled and trigger crashes...

6.5CVSS6.6AI score0.00034EPSS
CVE
CVE
added 2022/02/22 11:15 p.m.144 views

CVE-2021-43826

Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions of Envoy a crash occurs when configured for :ref:upstream tunneling and the downstream connection disconnects while the the upstream connection or http/2 stream is still being established. ...

7.5CVSS7.5AI score0.0009EPSS
CVE
CVE
added 2023/04/04 6:15 p.m.144 views

CVE-2023-27488

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, escalation of privileges is possible when failure_mode_allow: true is configured for ext_authz filter. For affected components that are used for loggi...

9.8CVSS7.5AI score0.00027EPSS
CVE
CVE
added 2023/04/04 8:15 p.m.144 views

CVE-2023-27496

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the OAuth filter assumes that a state query param is present on any response that looks like an OAuth redirect response. Sending it a request with the...

7.5CVSS7.6AI score0.00028EPSS
CVE
CVE
added 2022/02/22 11:15 p.m.143 views

CVE-2022-21654

Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy's tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised t...

9.8CVSS8.3AI score0.00057EPSS
CVE
CVE
added 2023/04/04 7:15 p.m.138 views

CVE-2023-27491

Envoy is an open source edge and service proxy designed for cloud-native applications. Compliant HTTP/1 service should reject malformed request lines. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, There is a possibility that non compliant HTTP/1 service may allow malformed requests,...

9.1CVSS6.9AI score0.00017EPSS
CVE
CVE
added 2022/02/22 11:15 p.m.137 views

CVE-2021-43825

Envoy is an open source edge and service proxy, designed for cloud-native applications. Sending a locally generated response must stop further processing of request or response data. Envoy tracks the amount of buffered request and response data and aborts the request if the amount of buffered data ...

7.5CVSS6.8AI score0.00091EPSS
CVE
CVE
added 2022/02/22 11:15 p.m.137 views

CVE-2022-21655

Envoy is an open source edge and service proxy, designed for cloud-native applications. The envoy common router will segfault if an internal redirect selects a route configured with direct response or redirect actions. This will result in a denial of service. As a workaround turn off internal redir...

7.5CVSS7.4AI score0.00116EPSS
CVE
CVE
added 2022/02/22 11:15 p.m.133 views

CVE-2021-43824

Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions a crafted request crashes Envoy when a CONNECT request is sent to JWT filter configured with regex match. This provides a denial of service attack vector. The only workaround is to not use r...

7.5CVSS7.2AI score0.00118EPSS
CVE
CVE
added 2022/02/22 11:15 p.m.132 views

CVE-2022-23606

Envoy is an open source edge and service proxy, designed for cloud-native applications. When a cluster is deleted via Cluster Discovery Service (CDS) all idle connections established to endpoints in that cluster are disconnected. A recursion was introduced in the procedure of disconnecting idle con...

6.5CVSS5.5AI score0.00094EPSS
CVE
CVE
added 2022/02/22 11:15 p.m.129 views

CVE-2022-21656

Envoy is an open source edge and service proxy, designed for cloud-native applications. The default_validator.cc implementation used to implement the default certificate validation routines has a "type confusion" bug when processing subjectAltNames. This processing allows, for example, an rfc822Nam...

7.4CVSS6AI score0.00018EPSS
CVE
CVE
added 2023/07/25 7:15 p.m.128 views

CVE-2023-35943

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, the CORS filter will segfault and crash Envoy when the origin header is removed and deleted between decodeHeadersand encodeHeaders. Versions 1.27.0,...

7.5CVSS7.6AI score0.00009EPSS
CVE
CVE
added 2022/02/22 11:15 p.m.126 views

CVE-2022-21657

Envoy is an open source edge and service proxy, designed for cloud-native applications. In affected versions Envoy does not restrict the set of certificates it accepts from the peer, either as a TLS client or a TLS server, to only those certificates that contain the necessary extendedKeyUsage (id-k...

6.8CVSS6.6AI score0.00037EPSS
CVE
CVE
added 2021/05/28 9:15 p.m.117 views

CVE-2021-29492

Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences %2F and %5C in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path with escaped slashes, e.g. /something%2F..%2Fadmin, to bypass access control, e.g. a block on /admin. A ba...

8.3CVSS8AI score0.07418EPSS
CVE
CVE
added 2021/08/24 9:15 p.m.112 views

CVE-2021-32777

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions when ext-authz extension is sending request headers to the external authorization service it must merge multiple value headers according to the HTTP spec. However, o...

8.6CVSS8.5AI score0.0002EPSS
CVE
CVE
added 2021/08/24 9:15 p.m.110 views

CVE-2021-32779

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI '#fragment' element as part of the path element. Envoy is configured with an RBAC filter for authorization or similar mechanism with ...

8.6CVSS8.5AI score0.00035EPSS
CVE
CVE
added 2022/06/09 8:15 p.m.109 views

CVE-2022-29225

Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 secompressors accumulate decompressed data into an intermediate buffer before overwriting the body in the decode/encodeBody. This may allow an attacker to zip bomb the decompressor by sending a small highly compressed paylo...

7.5CVSS8.3AI score0.00023EPSS
CVE
CVE
added 2022/06/09 7:15 p.m.105 views

CVE-2022-29224

Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health checking. One of them uses gRPC. Envoy also has a feature which can “hold” (prevent removal) upstrea...

5.9CVSS7.2AI score0.0032EPSS
CVE
CVE
added 2020/03/04 10:15 p.m.103 views

CVE-2020-8660

CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could have been bypassed (not recognized as a TLS client) by a client using only TLS 1.3. Because TLS extensions (SNI, ALPN) were not inspected, those connections might have been matched to a wrong filter chain, possibly bypassing some s...

5.3CVSS5.6AI score0.00025EPSS
CVE
CVE
added 2020/07/01 3:15 p.m.101 views

CVE-2020-12605

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs.

7.5CVSS7.4AI score0.00607EPSS
CVE
CVE
added 2021/05/20 5:15 p.m.99 views

CVE-2021-28682

An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable integer overflow in which a very large grpc-timeout value leads to unexpected timeout calculations.

7.5CVSS7.5AI score0.00086EPSS
CVE
CVE
added 2019/08/19 11:15 p.m.98 views

CVE-2019-15225

In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. A remote attacker may send a request with a very long URI to result in a denial of service (memory consumption). This is a related issue to CVE-2019-14993.

7.5CVSS7.3AI score0.00785EPSS
CVE
CVE
added 2021/05/20 5:15 p.m.98 views

CVE-2021-29258

An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion.

7.5CVSS7.4AI score0.00116EPSS
CVE
CVE
added 2024/04/04 8:15 p.m.97 views

CVE-2024-30255

Envoy is a cloud-native, open source edge and service proxy. The HTTP/2 protocol stack in Envoy versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8 are vulnerable to CPU exhaustion due to flood of CONTINUATION frames. Envoy's HTTP/2 codec allows the client to send an unlimited number of CONTINUATI...

5.3CVSS5.5AI score0.91843EPSS
CVE
CVE
added 2020/07/01 3:15 p.m.96 views

CVE-2020-12604

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream.

7.5CVSS7.3AI score0.00435EPSS
CVE
CVE
added 2021/08/24 9:15 p.m.96 views

CVE-2021-32781

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions after Envoy sends a locally generated response it must stop further processing of request or response data. However when local response is generated due the internal...

8.6CVSS7.8AI score0.00076EPSS
CVE
CVE
added 2020/04/15 2:15 a.m.95 views

CVE-2020-11767

Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue. If there is a TCP connection (negotiated with SNI over HTTPS) to *.example.com, a request for a domain concurrently configured explicitly (e.g., abc.example.com) is sent to the server(s) listening behind *.example.com. The outcome...

3.1CVSS3.9AI score0.00087EPSS
CVE
CVE
added 2021/05/20 5:15 p.m.94 views

CVE-2021-28683

An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable NULL pointer dereference and crash in TLS when an unknown TLS alert code is received.

7.5CVSS7.4AI score0.00116EPSS
CVE
CVE
added 2020/07/01 2:15 p.m.92 views

CVE-2020-12603

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. 1 byte) data frames.

7.5CVSS7.4AI score0.00607EPSS
CVE
CVE
added 2020/07/01 3:15 p.m.91 views

CVE-2020-8663

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descriptors and/or memory when accepting too many connections.

7.5CVSS7.4AI score0.00091EPSS
CVE
CVE
added 2021/08/24 9:15 p.m.91 views

CVE-2021-32780

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions Envoy transitions a H/2 connection to the CLOSED state when it receives a GOAWAY frame without any streams outstanding. The connection state is transitioned to DRAIN...

8.6CVSS7.8AI score0.00077EPSS
CVE
CVE
added 2024/09/20 12:15 a.m.90 views

CVE-2024-45810

Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy will crash when the http async client is handling sendLocalReply under some circumstance, e.g., websocket upgrade, and requests mirroring. The http async client will crash during the sendLocalReply() in http async client, one...

7.5CVSS7AI score0.00046EPSS
CVE
CVE
added 2025/03/21 3:15 p.m.90 views

CVE-2025-30157

Envoy is a cloud-native high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy's ext_proc HTTP filter is at risk of crashing if a local reply is sent to the external server due to the filter's life time issue. A known situation is the failure of a websocket ...

7.5CVSS6.3AI score0.00005EPSS
CVE
CVE
added 2021/03/11 3:15 a.m.89 views

CVE-2021-21378

Envoy is a cloud-native high-performance edge/middle/service proxy. In Envoy version 1.17.0 an attacker can bypass authentication by presenting a JWT token with an issuer that is not in the provider list when Envoy's JWT Authentication filter is configured with the allow_missing requirement under r...

8.2CVSS8.2AI score0.00233EPSS
CVE
CVE
added 2024/02/09 11:15 p.m.88 views

CVE-2024-23324

Envoy is a high-performance edge/middle/service proxy. External authentication can be bypassed by downstream connections. Downstream clients can force invalid gRPC requests to be sent to ext_authz, circumventing ext_authz checks when failure_mode_allow is set to true. This issue has been addressed ...

8.6CVSS7.4AI score0.00021EPSS
CVE
CVE
added 2022/06/09 8:15 p.m.84 views

CVE-2022-29228

Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter would try to invoke the remaining filters in the chain after emitting a local response, which triggers an ASSERT() in newer versions and corrupts memory on earlier versions. continueDecoding() shouldn’t eve...

7.5CVSS8.3AI score0.00171EPSS
CVE
CVE
added 2021/08/24 9:15 p.m.83 views

CVE-2021-32778

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy’s procedure for resetting a HTTP/2 stream has O(N^2) complexity, leading to high CPU utilization when a large number of streams are reset. Deployments are susc...

7.5CVSS6.3AI score0.0007EPSS
CVE
CVE
added 2022/06/09 8:15 p.m.81 views

CVE-2022-29226

Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter implementation does not include a mechanism for validating access tokens, so by design when the HMAC signed cookie is missing a full authentication flow should be triggered. However, the current implementat...

10CVSS9.4AI score0.0004EPSS
CVE
CVE
added 2024/04/04 3:15 p.m.80 views

CVE-2024-27919

Envoy is a cloud-native, open-source edge and service proxy. In versions 1.29.0 and 1.29.1, theEnvoy HTTP/2 protocol stack is vulnerable to the flood of CONTINUATION frames. Envoy's HTTP/2 codec does not reset a request when header map limits have been exceeded. This allows an attacker to send an s...

7.5CVSS7.4AI score0.49159EPSS
CVE
CVE
added 2024/09/20 12:15 a.m.80 views

CVE-2024-45806

Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's default configuration of...

6.5CVSS6.8AI score0.00331EPSS
CVE
CVE
added 2020/12/15 1:15 a.m.78 views

CVE-2020-35471

Envoy before 1.16.1 mishandles dropped and truncated datagrams, as demonstrated by a segmentation fault for a UDP packet size larger than 1500.

7.5CVSS7.5AI score0.00069EPSS
CVE
CVE
added 2024/04/18 3:15 p.m.77 views

CVE-2024-32475

Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with auto_sni enabled, a request containing a host/:authority header longer than 255 characters triggers an abnormal termination of Envoy process. Envoy does not gracefully handle an error when setting...

7.5CVSS6.5AI score0.00057EPSS
Total number of security vulnerabilities83