
envoyproxy — Vulnerabilities & Security Advisories (73)

Browse all 73 CVE security advisories affecting envoyproxy. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Envoy (envoyproxy) is a high-performance, open-source edge and service proxy, deployed mainly in cloud-native environments to manage ingress and egress traffic. Despite its architectural robustness, the project has accumulated 73 recorded Common Vulnerabilities and Exposures, reflecting the complexity of its extensive feature set. Historically, these flaws are predominantly memory corruption issues such as buffer overflows and use-after-free errors, which can lead to remote code execution or denial of service. Cross-site scripting and privilege escalation are less frequent, but configuration errors and parsing vulnerabilities remain significant risks. Notable incidents often stem from improper input validation in HTTP/2 or gRPC handling, allowing attackers to crash proxies or bypass access controls. Continuous patching and strict configuration management are essential for deployments that rely on this critical infrastructure component.

Top products by envoyproxy: envoy, gateway

CVE ID | Title | Product | CWE | CVSS | Severity | Published
CVE-2026-26330 | Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly | envoy | CWE-416 | 5.3 | Medium | 2026-03-10
CVE-2026-26311 | Envoy HTTP: filter chain execution on reset streams causing UAF crash | envoy | CWE-416 | 5.9 | Medium | 2026-03-10
CVE-2026-26310 | Crash for scoped ip address in Envoy during DNS | envoy | CWE-20 | 5.9 | Medium | 2026-03-10
CVE-2026-26309 | Envoy has an off-by-one write in JsonEscaper::escapeString() | envoy | CWE-193 | 5.3 | Medium | 2026-03-10
CVE-2026-26308 | Envoy has an RBAC Header Validation Bypass via Multi-Value Header Concatenation | envoy | CWE-863 | 7.5 | High | 2026-03-10
CVE-2026-22771 | Envoy Extension Policy lua scripts injection causes arbitrary command execution | gateway | CWE-94 | 8.8 | High | 2026-01-12
CVE-2025-66220 | Envoy’s TLS certificate matcher for `match_typed_subject_alt_names` may incorrectly treat certificates containing an embedded null byte | envoy | CWE-170 | 5.0 | Medium | 2025-12-03
CVE-2025-64763 | Envoy forwards early CONNECT data in TCP proxy mode | envoy | CWE-693 | 3.7 | Low | 2025-12-03
CVE-2025-64527 | Envoy crashes when JWT authentication is configured with the remote JWKS fetching | envoy | CWE-476 | 6.5 | Medium | 2025-12-03
CVE-2025-62504 | Envoy Lua filter use-after-free when oversized rewritten response body causes crash | envoy | CWE-416 | 6.5 | Medium | 2025-10-16
CVE-2025-62409 | Envoy allows large requests and responses to cause TCP connection pool crash | envoy | CWE-476 | 7.5 (AI) | High (AI) | 2025-10-16
CVE-2025-55162 | Envoy: oAuth2 Filter Signout route will not clear cookies because of missing "secure;" flag | envoy | CWE-613 | 6.3 | Medium | 2025-09-03
CVE-2025-54588 | Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults | envoy | CWE-416 | 7.5 | High | 2025-09-02
CVE-2025-46821 | Envoy vulnerable to bypass of RBAC uri_template permission | envoy | CWE-186 | 5.3 | Medium | 2025-05-07
CVE-2025-30157 | Envoy crashes when HTTP ext_proc processes local replies | envoy | CWE-460 | 6.5 | Medium | 2025-03-21
CVE-2025-25294 | Envoy Gateway Log Injection Vulnerability | gateway | CWE-117 | 5.3 | Medium | 2025-03-06
CVE-2025-24030 | Envoy Admin Interface Exposed through prometheus metrics endpoint | gateway | CWE-419 | 7.1 | High | 2025-01-23
CVE-2024-53271 | HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy | envoy | CWE-670 | 7.1 | High | 2024-12-18
CVE-2024-53270 | HTTP/1: sending overload crashes when the request is reset beforehand in envoy | envoy | CWE-670 | 7.5 | High | 2024-12-18
CVE-2024-53269 | Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting in envoy | envoy | CWE-670 | 4.5 | Medium | 2024-12-18
CVE-2024-45806 | Potential manipulate `x-envoy` headers from external sources in envoy | envoy | CWE-639 | 6.5 | Medium | 2024-09-19
CVE-2024-45807 | oghttp2 crash on OnBeginHeadersForStream in envoy | envoy | CWE-670 | 7.5 | High | 2024-09-19
CVE-2024-45808 | Malicious log injection via access logs in envoy | envoy | CWE-117 | 6.5 | Medium | 2024-09-19
CVE-2024-45809 | Jwt filter crash in the clear route cache with remote JWKs in envoy | envoy | CWE-119 | 5.3 | Medium | 2024-09-19
CVE-2024-45810 | Envoy crashes for LocalReply in http async client | envoy | CWE-119 | 6.5 | Medium | 2024-09-19
CVE-2024-39305 | Envoy Proxy use after free when route hash policy is configured with cookie attributes | envoy | CWE-416 | 6.5 | Medium | 2024-07-01
CVE-2024-32974 | Envoy affected by a crash in EnvoyQuicServerStream::OnInitialHeadersComplete() | envoy | CWE-416 | 5.9 | Medium | 2024-06-04
CVE-2024-32975 | Envoy crashes in QuicheDataReader::PeekVarInt62Length() | envoy | CWE-191 | 5.9 | Medium | 2024-06-04
CVE-2024-32976 | Envoy can enter an endless loop while decompressing Brotli data with extra input | envoy | CWE-835 | 7.5 | High | 2024-06-04
CVE-2024-34362 | Envoy affected by a crash (use-after-free) in EnvoyQuicServerStream | envoy | CWE-416 | 5.9 | Medium | 2024-06-04

This page lists every published CVE security advisory associated with envoyproxy. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.