Exposición de Envoy
Reverse proxies36
score de exposición
95.685
sitios usan
0
en explotación
1
críticos
CVEs
78 resultadosCVE-2025-30157MEDIUMEnvoy crashes when HTTP ext_proc processes local repliesEPSS 0.4%CVE-2026-26310MEDIUMCrash for scoped ip address in Envoy during DNSEPSS 0.4%CVE-2024-45806MEDIUMPotential manipulate `x-envoy` headers from external sources in envoyEPSS 0.4%CVE-2025-62504MEDIUMEnvoy Lua filter use-after-free when oversized rewritten response body causes crashEPSS 0.4%CVE-2024-45809MEDIUMJwt filter crash in the clear route cache with remote JWKs in envoyEPSS 0.4%CVE-2026-26309MEDIUMEnvoy has an off-by-one write in JsonEscaper::escapeString()EPSS 0.4%CVE-2024-45808MEDIUMMalicious log injection via access logs in envoyEPSS 0.4%CVE-2024-23326MEDIUMEnvoy incorrectly accepts HTTP 200 response for entering upgrade modeEPSS 0.4%CVE-2026-26311MEDIUMEnvoy HTTP: filter chain execution on reset streams causing UAF crashEPSS 0.3%CVE-2026-26330MEDIUMEnvoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directlyEPSS 0.3%CVE-2025-55162MEDIUMEnvoy: oAuth2 Filter Signout route will not clear cookies because of missing "secure;" flagEPSS 0.3%CVE-2026-26308HIGHEnvoy has an RBAC Header Validation Bypass via Multi-Value Header ConcatenationEPSS 0.3%CVE-2024-21881HIGHUpload of encrypted packages allows authenticated command execution in Enphase IQ Gateway v4.x and v5.xEPSS 0.3%CVE-2025-64763LOWEnvoy forwards early CONNECT data in TCP proxy modeEPSS 0.3%CVE-2020-15104MEDIUMTLS Validation Vulnerability in EnvoyEPSS 0.3%CVE-2026-6994MEDIUMEnvoy Query Parameter header_mutation.cc params.add injectionEPSS 0.2%CVE-2025-46821MEDIUMEnvoy vulnerable to bypass of RBAC uri_template permissionEPSS 0.2%CVE-2025-66220MEDIUMEnvoy’s TLS certificate matcher for `match_typed_subject_alt_names` may incorrectly treat certificates containing an embedded null byteEPSS 0.2%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →