Known Vulnerabilities for products from Envoyproxy
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Envoyproxy".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-23606 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-02-22 | 2022-03-02 |
| CVE-2022-21657 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-02-22 | 2022-03-07 |
| CVE-2022-21656 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.9 - MEDIUM | 2022-02-22 | 2023-07-24 |
| CVE-2022-21655 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-02-22 | 2022-03-02 |
| CVE-2022-21654 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-02-22 | 2022-03-03 |
| CVE-2021-43826 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-02-22 | 2022-03-02 |
| CVE-2021-43825 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-02-22 | 2022-03-02 |
| CVE-2021-43824 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-02-22 | 2022-03-01 |
| CVE-2021-39206 | Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, contains two authorization related... | 8.6 - HIGH | 2021-09-09 | 2021-09-27 |
| CVE-2021-39204 | Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of H... | 7.5 - HIGH | 2021-09-09 | 2021-09-27 |
| CVE-2021-39162 | Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, can abnormally terminate if an H/2... | 8.6 - HIGH | 2021-09-09 | 2021-09-27 |
| CVE-2021-32781 | Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected ... | 7.5 - HIGH | 2021-08-24 | 2022-07-02 |
| CVE-2021-32780 | Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected ... | 7.5 - HIGH | 2021-08-24 | 2022-06-15 |
| CVE-2021-32779 | Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected ... | 8.3 - HIGH | 2021-08-24 | 2022-10-25 |
| CVE-2021-32778 | Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected ... | 7.5 - HIGH | 2021-08-24 | 2022-06-15 |
| CVE-2021-32777 | Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected ... | 8.3 - HIGH | 2021-08-24 | 2022-06-15 |
| CVE-2021-29492 | Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences `%2F` and `%5C` in HTTP URL ... | 8.3 - HIGH | 2021-05-28 | 2021-12-10 |
| CVE-2021-29258 | An issue was discovered in Envoy 1.14.0. There is a remotely exploitable crash for HTTP2 Metadata, because an empty METADATA ... | 7.5 - HIGH | 2021-05-20 | 2021-05-27 |
| CVE-2021-28683 | An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable NULL pointer dereference and crash in TLS wh... | 7.5 - HIGH | 2021-05-20 | 2021-05-27 |
| CVE-2021-28682 | An issue was discovered in Envoy through 1.71.1. There is a remotely exploitable integer overflow in which a very large grpc-... | 7.5 - HIGH | 2021-05-20 | 2021-05-27 |
Known software with vulnerabilities from Envoyproxy
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Envoyproxy | Envoy | 1.0.0 |