Envoyproxy

Envoy

110 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.66%
  • Veröffentlicht 09.09.2021 22:15:09
  • Zuletzt bearbeitet 21.11.2024 06:18:53

Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This...

  • EPSS 1.33%
  • Veröffentlicht 24.08.2021 21:15:10
  • Zuletzt bearbeitet 21.11.2024 06:07:43

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions after Envoy sends a locally generated response it must stop further processing of request or response data. However ...

  • EPSS 1.23%
  • Veröffentlicht 24.08.2021 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:07:43

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy’s procedure for resetting a HTTP/2 stream has O(N^2) complexity, leading to high CPU utilization when a large ...

  • EPSS 0.95%
  • Veröffentlicht 24.08.2021 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:07:43

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI '#fragment' element as part of the path element. Envoy is configured with an RBAC fi...

  • EPSS 1.23%
  • Veröffentlicht 24.08.2021 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:07:43

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions Envoy transitions a H/2 connection to the CLOSED state when it receives a GOAWAY frame without any streams outstandi...

  • EPSS 3.33%
  • Veröffentlicht 24.08.2021 21:15:06
  • Zuletzt bearbeitet 21.11.2024 06:07:43

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions when ext-authz extension is sending request headers to the external authorization service it must merge multiple val...

  • EPSS 68.38%
  • Veröffentlicht 28.05.2021 21:15:08
  • Zuletzt bearbeitet 21.11.2024 06:01:14

Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences `%2F` and `%5C` in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path with escaped slashes, e.g. `/something%2F..%2Fadmin`,...

Exploit
  • EPSS 2.04%
  • Veröffentlicht 20.05.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:00:07

An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable integer overflow in which a very large grpc-timeout value leads to unexpected timeout calculations.

  • EPSS 1.69%
  • Veröffentlicht 20.05.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:00:08

An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable NULL pointer dereference and crash in TLS when an unknown TLS alert code is received.

  • EPSS 1.74%
  • Veröffentlicht 20.05.2021 17:15:07
  • Zuletzt bearbeitet 21.11.2024 06:00:53

An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA map triggers a Reachable Assertion.