Envoy Proxy URI Path Validation Issue in Envoy Proxy
CVE-2025-46821
5.3 MEDIUM
What is CVE-2025-46821?
Envoy Proxy's URI template matcher does not correctly handle the `*` character in URI paths. Before the fixed versions, a URI path containing this character would fail to match URI template expressions, which can allow role-based access control (RBAC) rules built on such expressions to be bypassed and lead to unauthorized access. As a workaround, configure additional permissions using url_path with a safe_regex expression. The issue is fixed in Envoy versions 1.34.1, 1.33.3, 1.32.6, and 1.31.8.
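The workaround above, as an added configuration example that is not part of the advisory or of Envoy's own documentation: a DENY policy in the Envoy HTTP RBAC filter that originally relied on a uri_template permission, with the additional url_path permission using safe_regex that the advisory recommends. The policy name, the /admin path prefix and the regular expression are assumed for illustration; the filter name, type URLs and field names are Envoy's v3 API. Permissions within one policy are OR-ed, so a request matching either matcher is denied.

```yaml
# Added example (not from the advisory): Envoy HTTP RBAC filter with the
# CVE-2025-46821 workaround. Policy name, path prefix and regex are assumed.
http_filters:
- name: envoy.filters.http.rbac
  typed_config:
    "@type": type.googleapis.com/envoy.extensions.filters.http.rbac.v3.RBAC
    rules:
      action: DENY
      policies:
        "deny-admin-paths":
          permissions:
          # Original permission: URI template matcher. Before the fixed
          # versions, a path containing '*' does not match this template.
          - uri_template:
              name: envoy.path.match.uri_template.uri_template_matcher
              typed_config:
                "@type": type.googleapis.com/envoy.extensions.path.match.uri_template.v3.UriTemplateMatchConfig
                path_template: "/admin/**"
          # Workaround from the advisory: an additional url_path permission
          # with a safe_regex (RE2) expression covering the same prefix, so
          # paths containing '*' are still matched and denied.
          - url_path:
              path:
                safe_regex:
                  regex: "^/admin(/.*)?$"
          principals:
          - any: true
```

Keep the url_path permission in place until every proxy in the fleet runs one of the fixed versions, and verify after upgrading that removing it does not change the outcome of requests whose path contains `*`.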
Affected Version(s)
envoy < 1.31.8 < 1.31.8
envoy >= 1.32.0, < 1.32.6 < 1.32.0, 1.32.6
envoy >= 1.33.0, < 1.33.3 < 1.33.0, 1.33.3
