CVSS3
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence: High
EPSS
Percentile: 17.0%
github.com/envoyproxy/envoy is vulnerable to Denial of Service (DoS). The vulnerability is due to missing checks for whether an address type is supported by the OS. An attacker can send a request using an IPv6 address to a host that has IPv6 disabled and a listener config with proxy protocol enabled, which results in DoS.
github.com/envoyproxy/envoy/commit/982545851087d683bff9cda7036f0b590dd5bb75#diff-6925fefb8a60a68e4059b0d4fdbb943c4b3af9fa77df231724cabcc1f1b35f9f
github.com/envoyproxy/envoy/commit/a683c05870786a2bfce557492d8b0617967a0081#diff-6925fefb8a60a68e4059b0d4fdbb943c4b3af9fa77df231724cabcc1f1b35f9f
github.com/envoyproxy/envoy/commit/b09657251b0b6c81f8af83425b995c19ae723614#diff-6925fefb8a60a68e4059b0d4fdbb943c4b3af9fa77df231724cabcc1f1b35f9f
github.com/envoyproxy/envoy/commit/bacd3107455b8d387889467725eb72aa0d5b5237
github.com/envoyproxy/envoy/commit/cfdeedc554d109519e7f686f3fb064b7c27ca91b#diff-6925fefb8a60a68e4059b0d4fdbb943c4b3af9fa77df231724cabcc1f1b35f9f
github.com/envoyproxy/envoy/security/advisories/GHSA-5m7c-mrwr-pm26