Envoy exposure
Reverse proxies
Exposure score: 36
Sites using it: 95,685
Under exploitation: 0
Critical: 1
CVEs
78 results
CVE-2024-34363 (HIGH, EPSS 0.7%): Envoy can crash due to uncaught nlohmann JSON exception
CVE-2024-32976 (HIGH, EPSS 0.7%): Envoy can enter an endless loop while decompressing Brotli data with extra input
CVE-2024-53269 (MEDIUM, EPSS 0.7%): Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting in envoy
CVE-2024-39305 (MEDIUM, EPSS 0.6%): Envoy Proxy use after free when route hash policy is configured with cookie attributes
CVE-2024-45810 (MEDIUM, EPSS 0.6%): Envoy crashes for LocalReply in http async client
CVE-2023-27487 (HIGH, EPSS 0.6%): Envoy client may fake the header `x-envoy-original-path`
CVE-2024-53271 (HIGH, EPSS 0.6%): HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy
CVE-2024-23324 (HIGH, EPSS 0.6%): Envoy ext auth can be bypassed when Proxy protocol filter sets invalid UTF-8 metadata
CVE-2023-35944 (HIGH, EPSS 0.6%): Envoy vulnerable to incorrect handling of HTTP requests and responses with mixed case schemes
CVE-2024-34362 (MEDIUM, EPSS 0.6%): Envoy affected by a crash (use-after-free) in EnvoyQuicServerStream
CVE-2023-35943 (MEDIUM, EPSS 0.6%): Envoy vulnerable to CORS filter segfault when origin header is removed
CVE-2022-21657 (MEDIUM, EPSS 0.5%): X.509 Extended Key Usage and Trust Purposes bypass in Envoy
CVE-2023-27493 (HIGH, EPSS 0.5%): Envoy doesn't escape HTTP header values
CVE-2024-23323 (MEDIUM, EPSS 0.5%): Excessive CPU usage when URI template matcher is configured using regex in Envoy
CVE-2025-64527 (MEDIUM, EPSS 0.5%): Envoy crashes when JWT authentication is configured with the remote JWKS fetching
CVE-2024-45807 (HIGH, EPSS 0.5%): oghttp2 crash on OnBeginHeadersForStream in envoy
CVE-2024-34364 (MEDIUM, EPSS 0.5%): Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response
CVE-2025-54588 (HIGH, EPSS 0.4%): Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
CVE-2026-47774 (HIGH, EPSS 0.4%): Envoy vulnerable to HTTP/2 memory exhaustion via cookie header size bypass and HPACK amplification
CVE-2025-62409 (MEDIUM, EPSS 0.4%): Envoy allows large requests and responses to cause TCP connection pool crash