Known Vulnerabilities for products from Envoyproxy
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Envoyproxy".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-44487 json | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many stre... | 7.5 - HIGH | 2023-10-10 | 2024-02-02 |
| CVE-2023-35945 json | Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy’s HTTP/2 codec may leak a header map and bookkeep... | 7.5 - HIGH | 2023-07-13 | 2023-10-24 |
| CVE-2023-35944 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Envoy allows mixed-case schemes in HTT... | 5.3 - MEDIUM | 2023-07-25 | 2023-08-02 |
| CVE-2023-35943 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25... | 7.5 - HIGH | 2023-07-25 | 2023-08-02 |
| CVE-2023-35942 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25... | 6.5 - MEDIUM | 2023-07-25 | 2023-08-02 |
| CVE-2023-35941 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25... | 9.8 - CRITICAL | 2023-07-25 | 2023-08-02 |
| CVE-2023-27496 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24... | 7.5 - HIGH | 2023-04-04 | 2023-11-07 |
| CVE-2023-27493 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24... | 9.1 - CRITICAL | 2023-04-04 | 2023-04-11 |
| CVE-2023-27492 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24... | 6.5 - MEDIUM | 2023-04-04 | 2023-11-07 |
| CVE-2023-27491 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Compliant HTTP/1 service should reject... | 9.1 - CRITICAL | 2023-04-04 | 2023-04-11 |
| CVE-2023-27488 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24... | 9.8 - CRITICAL | 2023-04-04 | 2023-11-07 |
| CVE-2023-27487 json | Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24... | 9.1 - CRITICAL | 2023-04-04 | 2023-04-11 |
| CVE-2022-29228 json | Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter would try to invoke the remainin... | 7.5 - HIGH | 2022-06-09 | 2023-11-07 |
| CVE-2022-29227 json | Envoy is a cloud-native high-performance edge/middle/service proxy. In versions prior to 1.22.1 if Envoy attempts to send an ... | 7.5 - HIGH | 2022-06-09 | 2023-11-07 |
| CVE-2022-29226 json | Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter implementation does not include ... | 9.1 - CRITICAL | 2022-06-09 | 2022-06-16 |
| CVE-2022-29225 json | Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 secompressors accumulate decompressed data into a... | 7.5 - HIGH | 2022-06-09 | 2022-06-16 |
| CVE-2022-29224 json | Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the ... | 5.9 - MEDIUM | 2022-06-09 | 2023-11-07 |
| CVE-2022-23606 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-02-22 | 2022-03-02 |
| CVE-2022-21657 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-02-22 | 2022-03-07 |
| CVE-2022-21656 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.9 - MEDIUM | 2022-02-22 | 2023-07-24 |
Known software with vulnerabilities from Envoyproxy
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Envoyproxy | Envoy | 1.0.0 |