5.3

CVE-2025-46821

EPSS 0.01%
Published 07.05.2025 21:24:07
Last modified 03.09.2025 17:57:13
Source security-advisories@github.com
Teams watchlist Login
Open Login

Envoy is a cloud-native edge/middle/service proxy. Prior to versions 1.34.1, 1.33.3, 1.32.6, and 1.31.8, Envoy's URI template matcher incorrectly excludes the `*` character from a set of valid characters in the URI path. As a result URI path containing the `*` character will not match a URI template expressions. This can result in bypass of RBAC rules when configured using the `uri_template` permissions. This vulnerability is fixed in Envoy versions v1.34.1, v1.33.3, v1.32.6, v1.31.8. As a workaround, configure additional RBAC permissions using `url_path` with `safe_regex` expression.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Envoyproxy ≫ Envoy Version < 1.31.8

Envoyproxy ≫ Envoy Version >= 1.32.0 < 1.32.6

Envoyproxy ≫ Envoy Version >= 1.33.0 < 1.33.3

Envoyproxy ≫ Envoy Version1.34.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.005

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
security-advisories@github.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-186 Overly Restrictive Regular Expression

A regular expression is overly restrictive, which prevents dangerous values from being detected.

https://github.com/envoyproxy/envoy/security/advisories/GHSA-c7cm-838g-6g67

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-46821

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-46821

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-46821

EUVD