Known Vulnerabilities for Envoy by Envoyproxy
Listed below are 10 of the newest known vulnerabilities associated with "Envoy" by "Envoyproxy".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33726 json | Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.14, 1.18.8,... | Not Provided | 2026-03-27 | 2026-03-27 |
| CVE-2026-32811 json | Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. When using Heimdall in envoy gRPC decisi... | Not Provided | 2026-03-20 | 2026-03-21 |
| CVE-2026-31838 json | Istio is an open platform to connect, manage, and secure microservices. Prior to 1.29.1, 1.28.5, and 1.27.8, a vulnerability ... | Not Provided | 2026-03-10 | 2026-04-07 |
| CVE-2026-23941 json | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in Erlang OTP (inets httpd module) allo... | Not Provided | 2026-03-13 | 2026-04-06 |
| CVE-2025-23556 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in netbitsolutions Push En... | Not Provided | 2025-03-03 | 2026-04-01 |
| CVE-2023-44487 json | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many stre... | 7.5 - HIGH | 2023-10-10 | 2024-02-02 |
| CVE-2023-35945 json | Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy’s HTTP/2 codec may leak a header map and bookkeep... | 7.5 - HIGH | 2023-07-13 | 2023-10-24 |
| CVE-2023-35944 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Envoy allows mixed-case schemes in HTT... | 5.3 - MEDIUM | 2023-07-25 | 2023-08-02 |
| CVE-2023-35943 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25... | 7.5 - HIGH | 2023-07-25 | 2023-08-02 |
| CVE-2023-35942 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25... | 6.5 - MEDIUM | 2023-07-25 | 2023-08-02 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Envoyproxy | Envoy | 3b5acb2 | |||
| Application | Envoyproxy | Envoy | 2d69e30 | |||
| Application | Envoyproxy | Envoy | 1.9.1 | |||
| Application | Envoyproxy | Envoy | 1.9.0 | |||
| Application | Envoyproxy | Envoy | 1.8.0 | |||
| Application | Envoyproxy | Envoy | 1.7.1 | |||
| Application | Envoyproxy | Envoy | 1.7.0 | |||
| Application | Envoyproxy | Envoy | 1.6.0 | |||
| Application | Envoyproxy | Envoy | 1.5.0 | |||
| Application | Envoyproxy | Envoy | 1.4.0 | |||
| Application | Envoyproxy | Envoy | 1.3.0 | |||
| Application | Envoyproxy | Envoy | 1.2.0 | |||
| Application | Envoyproxy | Envoy | 1.16.2 | |||
| Application | Envoyproxy | Envoy | 1.16.1 | |||
| Application | Envoyproxy | Envoy | 1.16.0 | |||
| Application | Envoyproxy | Envoy | 1.15.3 | |||
| Application | Envoyproxy | Envoy | 1.15.2 | |||
| Application | Envoyproxy | Envoy | 1.15.1 | |||
| Application | Envoyproxy | Envoy | 1.15.0 | |||
| Application | Envoyproxy | Envoy | 1.14.6 |