envoyproxy Summary
Latest vulnerabilities published by envoyproxy
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Session Expiration Flaw in Envoy Proxy by Envoy
CVE-2025-55162EnvoyproxyEnvoy6.3MEDIUMUse-After-Free Vulnerability in Envoy Proxy by Envoy Project
CVE-2025-54588EnvoyproxyEnvoy7.5HIGHEnvoy Proxy URI Path Validation Issue in Envoy Proxy
CVE-2025-46821EnvoyproxyEnvoy5.3MEDIUMService Proxy Vulnerability in Envoy by Envoy Proxy
CVE-2025-30157EnvoyproxyEnvoy7.5HIGHLog Injection Vulnerability in Envoy Gateway by Envoy Proxy
CVE-2025-25294EnvoyproxyGateway5.3MEDIUMPath Traversal Vulnerability in Envoy Gateway by EnvoyProxy
CVE-2025-24030EnvoyproxyGateway7.1HIGHArbitrary Memory Access Vulnerability in Envoy Due to Freed Memory Reference
CVE-2024-39305EnvoyproxyEnvoy6.5MEDIUMUse-After-Free Crash in EnvoyQuicServerStream
CVE-2024-32974EnvoyproxyEnvoy5.9MEDIUMCloud-Native Edge Proxy Vulnerability Affecting Envoy by EnvoyProxy
CVE-2024-34363EnvoyproxyEnvoy7.5HIGHEnvoy Exposes Out-of-Memory Vulnerability in Mirror Response
CVE-2024-34364EnvoyproxyEnvoy5.7MEDIUMEnvoy HTTP/2 Protocol Vulnerable to CPU Exhaustion Due to CONTINUATION Frame Flood
CVE-2024-30255EnvoyproxyEnvoyπΎπ‘EPSS 91%5.3MEDIUMDenial of Service Vulnerability in Envoy's HTTP/2 Protocol Stack
CVE-2024-27919EnvoyproxyEnvoyEPSS 32%7.5HIGHEnvoy Proxy Crashes Due to Timing Issues
CVE-2024-23322envoyproxyenvoy7.5HIGHEnvoy Addresses High CPU Usage and Increased Request Latency Issue with Regular Expressions
CVE-2024-23323envoyproxyenvoy5.3MEDIUMEnvoy Edge/Middle/Service Proxy Vulnerability
CVE-2024-23324envoyproxyenvoy7.5HIGHEnvoy Crashes in Proxy Protocol with IPv6 Addresses
CVE-2024-23325EnvoyproxyEnvoy7.5HIGHEnvoy Proxy Segfaults with PPv2 and LOCAL Requests
CVE-2024-23327EnvoyproxyEnvoy7.5HIGHEnvoy's gRPC access log crash caused by the listener draining
CVE-2023-35942EnvoyproxyEnvoy6.5MEDIUMEnvoy vulnerable to CORS filter segfault when origin header is removed
CVE-2023-35943EnvoyproxyEnvoy6.3MEDIUMEnvoy vulnerable to incorrect handling of HTTP requests and responses with mixed case schemes
CVE-2023-35944EnvoyproxyEnvoy8.2HIGHEnvoy vulnerable to OAuth2 credentials exploit with permanent validity
CVE-2023-35941EnvoyproxyEnvoy8.6HIGHEnvoy vulnerable to HTTP/2 memory leak in nghttp2 codec
CVE-2023-35945EnvoyproxyEnvoy7.5HIGHEnvoy doesn't escape HTTP header values
CVE-2023-27493EnvoyproxyEnvoy8.1HIGHEnvoy may crash when a redirect url without a state param is received in the oauth filter
CVE-2023-27496EnvoyproxyEnvoy6.5MEDIUMEnvoy forwards invalid Http2/Http3 downstream headers
CVE-2023-27491EnvoyproxyEnvoy5.4MEDIUM