pkg:Bitnami/envoy

87 CVEs in total: CRITICAL 9, HIGH 52, MEDIUM 23, LOW 2 (the remaining entry, CVE-2025-62409, is listed without a severity score)


All known vulnerabilities

  • [MEDIUM 5.3] CVE-2023-44487 ⚠ KEV: nghttp2 - security update
    from 0, < 1.24.12, >= 1.25.0, < 1.25.11, >= 1.26.0, < 1.26.6, >= 1.27.0, < 1.27.2
  • [CRITICAL 9.8] CVE-2024-7207: A flaw was found in Envoy.
    from 0, < 1.28.7, >= 1.29.0, < 1.29.9, >= 1.30.0, < 1.30.6, >= 1.31.0, < 1.31.2
  • [CRITICAL 9.8] CVE-2022-21654: Incorrect configuration handling allows TLS session re-use without re-validation in Envoy
    >= 1.7.0, < 1.18.6, >= 1.19.0, < 1.19.3, >= 1.20.0, < 1.20.2, >= 1.21.0, < 1.21.1
  • [CRITICAL 9.8] CVE-2023-27488: Envoy gRPC client produces invalid protobuf when an HTTP header with non-UTF8 value is received.
    from 0, < 1.22.9, >= 1.23.0, < 1.23.6, >= 1.24.0, < 1.24.4, >= 1.25.0, < 1.25.3
  • [CRITICAL 9.8] CVE-2023-35941: Envoy vulnerable to OAuth2 credentials exploit with permanent validity
    >= 1.23.0, < 1.23.12, >= 1.24.0, < 1.24.10, >= 1.25.0, < 1.25.9, >= 1.26.0, < 1.26.4
  • [CRITICAL 9.1] CVE-2024-39305: Envoy Proxy use after free when route hash policy is configured with cookie attributes
    from 0, < 1.27.7, >= 1.28.0, < 1.28.5, >= 1.29.0, < 1.29.7, >= 1.30.0, < 1.30.4
  • [CRITICAL 9.1] CVE-2022-29226: Trivial authentication bypass in Envoy
    from 0, < 1.22.1
  • [CRITICAL 9.1] CVE-2023-27487: Envoy client may fake the header `x-envoy-original-path`
    from 0, < 1.22.9, >= 1.23.0, < 1.23.6, >= 1.24.0, < 1.24.4, >= 1.25.0, < 1.25.3
  • [CRITICAL 9.1] CVE-2023-27491: Envoy forwards invalid Http2/Http3 downstream headers
    from 0, < 1.22.9, >= 1.23.0, < 1.23.6, >= 1.24.0, < 1.24.4, >= 1.25.0, < 1.25.3
  • [CRITICAL 9.1] CVE-2023-27493: Envoy doesn't escape HTTP header values
    from 0, < 1.22.9, >= 1.23.0, < 1.23.6, >= 1.24.0, < 1.24.4, >= 1.25.0, < 1.25.3
  • [HIGH 8.8] CVE-2025-55162: Envoy: oAuth2 Filter Signout route will not clear cookies because of missing "secure;" flag
    from 0, < 1.32.10, >= 1.33.0, < 1.33.7, >= 1.34.0, < 1.34.5, >= 1.35.0, < 1.35.1
  • [HIGH 8.8] CVE-2020-35470: Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the…
    from 0, < 1.16.1
  • [HIGH 8.6] CVE-2021-39206: Incorrect Authorization with specially crafted requests
    from 0, < 1.16.5, >= 1.17.0, < 1.17.4, >= 1.18.0, < 1.18.4, >= 1.19.0, < 1.19.1
  • [HIGH 8.6] CVE-2021-39162: Incorrect handling of H2 GOAWAY + SETTINGS frames in github.com/pomerium/pomerium
    from 0, < 1.18.4, >= 1.19.0, < 1.19.1
  • [HIGH 8.3] CVE-2020-25017: Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers.
    from 0, < 1.12.7, >= 1.13.0, < 1.13.4, >= 1.14.0, < 1.14.4, >= 1.15.0, < 1.15.1
  • [HIGH 8.3] CVE-2021-29492: Bypass of path matching rules using escaped slash characters
    from 0, < 1.15.5, >= 1.16.0, < 1.16.4, >= 1.17.0, < 1.17.3, >= 1.18.0, < 1.18.3
  • [HIGH 8.3] CVE-2021-32777: Incorrect concatenation of multiple value request headers in ext-authz extension
    >= 1.16.0, < 1.16.5, >= 1.17.0, < 1.17.4, >= 1.18.0, < 1.18.4, >= 1.19.0, < 1.19.1
  • [HIGH 8.3] CVE-2021-32779: Incorrect handling of URI '#fragment' element as part of the path element
    >= 1.16.0, < 1.16.5, >= 1.17.0, < 1.17.4, >= 1.18.0, < 1.18.4, >= 1.19.0, < 1.19.1
  • [HIGH 8.2] CVE-2024-23326: Envoy incorrectly accepts HTTP 200 response for entering upgrade mode
    from 0, < 1.27.6, >= 1.28.0, < 1.28.4, >= 1.29.0, < 1.29.5, >= 1.30.0, < 1.30.2
  • [HIGH 8.2] CVE-2021-21378: JWT authentication bypass with unknown issuer token
    >= 1.17.0, < 1.17.1
  • [HIGH 7.5] CVE-2026-26308: Envoy has RBAC Header Validation Bypass via Multi-Value Header Concatenation
    from 0, < 1.34.13, >= 1.35.0, < 1.35.9, >= 1.36.0, < 1.36.5, >= 1.37.0, < 1.37.1
  • [HIGH 7.5] CVE-2025-62504: Envoy Lua filter use-after-free when oversized rewritten response body causes crash
    from 0, < 1.33.12, >= 1.34.0, < 1.34.10, >= 1.35.0, < 1.35.6, >= 1.36.0, < 1.36.2
  • [HIGH 7.5] CVE-2025-54588: Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults
    >= 1.34.0, < 1.34.5, >= 1.35.0, < 1.35.1
  • [HIGH 7.5] CVE-2024-53269: Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting in envoy
    >= 1.30.0, < 1.30.8, >= 1.31.0, < 1.31.4, >= 1.32.0, < 1.32.2
  • [HIGH 7.5] CVE-2024-53270: HTTP/1: sending overload crashes when the request is reset beforehand in envoy
    from 0, < 1.29.12, >= 1.30.0, < 1.30.9, >= 1.31.0, < 1.31.5, >= 1.32.0, < 1.32.3
  • [HIGH 7.5] CVE-2024-45807: oghttp2 crash on OnBeginHeadersForStream in envoy
    >= 1.31.0, < 1.31.2
  • [HIGH 7.5] CVE-2024-45809: Jwt filter crash in the clear route cache with remote JWKs in envoy
    >= 1.29.0, < 1.29.9, >= 1.30.0, < 1.30.6, >= 1.31.0, < 1.31.2
  • [HIGH 7.5] CVE-2024-45810: Envoy crashes for LocalReply in http async client
    from 0, < 1.31.2
  • [HIGH 7.5] CVE-2024-32974: Envoy affected by a crash in EnvoyQuicServerStream::OnInitialHeadersComplete()
    from 0, < 1.27.6, >= 1.28.0, < 1.28.4, >= 1.29.0, < 1.29.5, >= 1.30.0, < 1.30.2
  • [HIGH 7.5] CVE-2024-32975: Envoy crashes in QuicheDataReader::PeekVarInt62Length()
    from 0, < 1.27.6, >= 1.28.0, < 1.28.4, >= 1.29.0, < 1.29.5, >= 1.30.0, < 1.30.2
  • [HIGH 7.5] CVE-2024-32976: Envoy can enter an endless loop while decompressing Brotli data with extra input
    >= 1.18.0, < 1.27.6, >= 1.28.0, < 1.28.4, >= 1.29.0, < 1.29.5, >= 1.30.0, < 1.30.2
  • [HIGH 7.5] CVE-2024-34363: Envoy can crash due to uncaught nlohmann JSON exception
    >= 1.28.0, < 1.28.4, >= 1.29.0, < 1.29.5, >= 1.30.0, < 1.30.2
  • [HIGH 7.5] CVE-2024-32475: Envoy RELEASE_ASSERT using auto_sni with :authority header > 255 bytes
    >= 1.13.0, < 1.27.5, >= 1.28.0, < 1.28.3, >= 1.29.0, < 1.29.4, >= 1.30.0, < 1.30.1
  • [HIGH 7.5] CVE-2024-27919: HTTP/2: memory exhaustion due to CONTINUATION frame flood
    >= 1.29.0, < 1.29.2
  • [HIGH 7.5] CVE-2024-30255: HTTP/2: CPU exhaustion due to CONTINUATION frame flood
    from 0, < 1.26.8, >= 1.27.0, < 1.27.4, >= 1.28.0, < 1.28.2, >= 1.29.0, < 1.29.3
  • [HIGH 7.5] CVE-2020-12603: Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with man…
    from 0, < 1.12.5, >= 1.13.2, < 1.13.3, >= 1.14.2, < 1.14.3
  • [HIGH 7.5] CVE-2020-12604: Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a larg…
    from 0, < 1.12.5, >= 1.13.2, < 1.13.3, >= 1.14.2, < 1.14.3
  • [HIGH 7.5] CVE-2020-12605: Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field na…
    from 0, < 1.12.5, >= 1.13.2, < 1.13.3, >= 1.14.2, < 1.14.3
  • [HIGH 7.5] CVE-2020-35471: Envoy before 1.16.1 mishandles dropped and truncated datagrams, as demonstrated by a segmentation fault for a UDP packet size larger than 1…
    from 0, < 1.16.1
  • [HIGH 7.5] CVE-2020-8663: Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descriptors and/or memory when accepting too many connections.
    from 0, < 1.12.5, >= 1.13.0, < 1.13.3, >= 1.14.0, < 1.14.3
  • [HIGH 7.5] CVE-2021-28682: An issue was discovered in Envoy through 1.17.1.
    >= 1.14.6, < 1.14.7, >= 1.15.3, < 1.15.4, >= 1.16.2, < 1.16.3, >= 1.17.1, < 1.17.2
  • [HIGH 7.5] CVE-2021-28683: An issue was discovered in Envoy through 1.17.1.
    >= 1.16.2, < 1.16.3, >= 1.17.1, < 1.17.2
  • [HIGH 7.5] CVE-2021-29258: An issue was discovered in Envoy 1.14.0.
    >= 1.14.6, < 1.14.7, >= 1.15.3, < 1.15.4, >= 1.16.2, < 1.16.3, >= 1.17.1, < 1.17.2
  • [HIGH 7.5] CVE-2021-32778: Excessive CPU utilization when closing HTTP/2 streams
    >= 1.16.0, < 1.16.5, >= 1.17.0, < 1.17.4, >= 1.18.0, < 1.18.4, >= 1.19.0, < 1.19.1
  • [HIGH 7.5] CVE-2021-32780: Incorrect handling of H/2 GOAWAY followed by SETTINGS frames
    >= 1.18.0, < 1.18.4, >= 1.19.0, < 1.19.1
  • [HIGH 7.5] CVE-2021-32781: Continued processing of requests after locally generated response
    >= 1.16.0, < 1.16.5, >= 1.17.0, < 1.17.4, >= 1.18.0, < 1.18.4, >= 1.19.0, < 1.19.1
  • [HIGH 7.5] CVE-2021-43824: Null pointer dereference in envoy
    from 0, < 1.18.6, >= 1.19.0, < 1.19.3, >= 1.20.0, < 1.20.2, >= 1.21.0, < 1.21.1
  • [HIGH 7.5] CVE-2021-43825: Use-after-free in Envoy
    from 0, < 1.18.6, >= 1.19.0, < 1.19.3, >= 1.20.0, < 1.20.2, >= 1.21.0, < 1.21.1
  • [HIGH 7.5] CVE-2021-43826: Crash when tunneling TCP over HTTP in Envoy
    from 0, < 1.18.6, >= 1.19.0, < 1.19.3, >= 1.20.0, < 1.20.2, >= 1.21.0, < 1.21.1
  • [HIGH 7.5] CVE-2022-21655: Incorrect handling of internal redirects results in crash in Envoy
    from 0, < 1.18.6, >= 1.19.0, < 1.19.3, >= 1.20.0, < 1.20.2, >= 1.21.0, < 1.21.1
  • [HIGH 7.5] CVE-2022-29225: Zip bomb vulnerability in Envoy
    from 0, < 1.22.1
  • [HIGH 7.5] CVE-2022-29227: Use after free in Envoy
    from 0, < 1.22.1
  • [HIGH 7.5] CVE-2022-29228: Reachable assertion in Envoy
    from 0, < 1.22.1
  • [HIGH 7.5] CVE-2023-27496: Envoy may crash when a redirect url without a state param is received in the oauth filter
    from 0, < 1.22.9, >= 1.23.0, < 1.23.6, >= 1.24.0, < 1.24.4, >= 1.25.0, < 1.25.3
  • [HIGH 7.5] CVE-2023-35943: Envoy vulnerable to CORS filter segfault when origin header is removed
    >= 1.23.0, < 1.23.12, >= 1.24.0, < 1.24.10, >= 1.25.0, < 1.25.9, >= 1.26.0, < 1.26.4
  • [HIGH 7.5] CVE-2024-23322: Envoy crashes when idle and request per try timeout occur within the backoff interval
    >= 1.26.0, < 1.26.7, >= 1.27.0, < 1.27.3, >= 1.28.0, < 1.28.1, >= 1.29.0, < 1.29.1
  • [HIGH 7.5] CVE-2024-23324: Envoy ext auth can be bypassed when Proxy protocol filter sets invalid UTF-8 metadata
    >= 1.26.0, < 1.26.7, >= 1.27.0, < 1.27.3, >= 1.28.0, < 1.28.1, >= 1.29.0, < 1.29.1
  • [HIGH 7.5] CVE-2024-23325: Envoy crashes when using an address type that isn’t supported by the OS
    >= 1.26.0, < 1.26.7, >= 1.27.0, < 1.27.3, >= 1.28.0, < 1.28.1, >= 1.29.0, < 1.29.1
  • [HIGH 7.5] CVE-2024-23327: Crash in proxy protocol when command type of LOCAL in Envoy
    >= 1.26.0, < 1.26.7, >= 1.27.0, < 1.27.3, >= 1.28.0, < 1.28.1, >= 1.29.0, < 1.29.1
  • [HIGH 7.5] CVE-2023-35945: Envoy vulnerable to HTTP/2 memory leak in nghttp2 codec
    from 0, < 1.23.11, >= 1.24.0, < 1.24.9, >= 1.25.0, < 1.25.8, >= 1.26.0, < 1.26.3
  • [HIGH 7.5] CVE-2021-39204: Excessive CPU usage
    from 0, < 1.16.5, >= 1.17.0, < 1.17.4, >= 1.18.0, < 1.18.4, >= 1.19.0, < 1.19.1
  • [HIGH 7.1] CVE-2024-53271: HTTP/1.1 multiple issues with envoy.reloadable_features.http1_balsa_delay_reset in envoy
    >= 1.31.0, < 1.31.5, >= 1.32.0, < 1.32.3
  • [MEDIUM 6.5] CVE-2025-64527: Envoy crashes when JWT authentication is configured with the remote JWKS fetching
    from 0, < 1.33.13, >= 1.34.0, < 1.34.11, >= 1.35.0, < 1.35.7, >= 1.36.0, < 1.36.3
  • [MEDIUM 6.5] CVE-2025-30157: Envoy crashes when HTTP ext_proc processes local replies
    from 0, < 1.30.10, >= 1.31.0, < 1.31.6, >= 1.32.0, < 1.32.4, >= 1.33.0, < 1.33.1
  • [MEDIUM 6.5] CVE-2024-45806: Potential manipulate `x-envoy` headers from external sources in envoy
    from 0, < 1.28.7, >= 1.29.0, < 1.29.9, >= 1.30.0, < 1.30.6, >= 1.31.0, < 1.31.2
  • [MEDIUM 6.5] CVE-2024-45808: Malicious log injection via access logs in envoy
    from 0, < 1.28.7, >= 1.29.0, < 1.29.9, >= 1.30.0, < 1.30.6, >= 1.31.0, < 1.31.2
  • [MEDIUM 6.5] CVE-2024-34364: Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response
    from 0, < 1.27.6, >= 1.28.0, < 1.28.4, >= 1.29.0, < 1.29.5, >= 1.30.0, < 1.30.2
  • [MEDIUM 6.5] CVE-2022-21657: X.509 Extended Key Usage and Trust Purposes bypass in Envoy
    from 0, < 1.18.6, >= 1.19.0, < 1.19.3, >= 1.20.0, < 1.20.2
  • [MEDIUM 6.5] CVE-2022-23606: Crash when a cluster is deleted in Envoy
    >= 1.20.0, < 1.20.2, >= 1.21.0, < 1.21.1
  • [MEDIUM 6.5] CVE-2023-27492: Envoy may crash when a large request body is processed in Lua filter
    from 0, < 1.22.9, >= 1.23.0, < 1.23.6, >= 1.24.0, < 1.24.4, >= 1.25.0, < 1.25.3
  • [MEDIUM 6.5] CVE-2023-35942: Envoy's gRPC access log crash caused by the listener draining
    >= 1.23.0, < 1.23.12, >= 1.24.0, < 1.24.10, >= 1.25.0, < 1.25.9, >= 1.26.0, < 1.26.4
  • [MEDIUM 5.9] CVE-2026-26311: Envoy HTTP: filter chain execution on reset streams causing UAF crash
    from 0, < 1.34.13, >= 1.35.0, < 1.35.9, >= 1.36.0, < 1.36.5, >= 1.37.0, < 1.37.1
  • [MEDIUM 5.9] CVE-2026-26310: Crash for scoped ip address in Envoy during DNS
    from 0, < 1.34.13, >= 1.35.0, < 1.35.9, >= 1.36.0, < 1.36.5, >= 1.37.0, < 1.37.1
  • [MEDIUM 5.9] CVE-2024-34362: Envoy affected by a crash (use-after-free) in EnvoyQuicServerStream
    from 0, < 1.27.6, >= 1.28.0, < 1.28.4, >= 1.29.0, < 1.29.5, >= 1.30.0, < 1.30.2
  • [MEDIUM 5.9] CVE-2022-21656: X.509 subjectAltName matching bypass in Envoy
    from 0, < 1.20.2
  • [MEDIUM 5.9] CVE-2022-29224: Segmentation fault leading to crash in Envoy
    from 0, < 1.22.1
  • [MEDIUM 5.4] CVE-2020-15104: TLS Validation Vulnerability in Envoy
    from 0, < 1.12.6, >= 1.13.0, < 1.13.4, >= 1.14.0, < 1.14.4
  • [MEDIUM 5.3] CVE-2026-26330: Envoy global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly
    from 0, < 1.34.13, >= 1.35.0, < 1.35.9, >= 1.36.0, < 1.36.5, >= 1.37.0, < 1.37.1
  • [MEDIUM 5.3] CVE-2026-26309: Envoy has an off-by-one write in JsonEscaper::escapeString()
    from 0, < 1.34.13, >= 1.35.0, < 1.35.9, >= 1.36.0, < 1.36.5, >= 1.37.0, < 1.37.1
  • [MEDIUM 5.3] CVE-2025-46821: Envoy vulnerable to bypass of RBAC uri_template permission
    from 0, < 1.31.8, >= 1.32.0, < 1.32.6, >= 1.33.0, < 1.33.3, >= 1.34.0, < 1.34.1
  • [MEDIUM 5.3] CVE-2020-8660: CNCF Envoy through 1.13.0 TLS inspector bypass.
    from 0, < 1.12.3, >= 1.13.0, < 1.13.1
  • [MEDIUM 5.3] CVE-2023-35944: Envoy vulnerable to incorrect handling of HTTP requests and responses with mixed case schemes
    >= 1.23.0, < 1.23.12, >= 1.24.0, < 1.24.10, >= 1.25.0, < 1.25.9, >= 1.26.0, < 1.26.4
  • [MEDIUM 5.3] CVE-2024-23323: Excessive CPU usage when URI template matcher is configured using regex in Envoy
    >= 1.26.0, < 1.26.7, >= 1.27.0, < 1.27.3, >= 1.28.0, < 1.28.1, >= 1.29.0, < 1.29.1
  • [MEDIUM 5.0] CVE-2025-66220: Envoy’s TLS certificate matcher for `match_typed_subject_alt_names` may incorrectly treat certificates containing an embedded null byte
    from 0, < 1.33.13, >= 1.34.0, < 1.34.11, >= 1.35.0, < 1.35.7, >= 1.36.0, < 1.36.3
  • [LOW 3.7] CVE-2025-64763: Envoy forwards early CONNECT data in TCP proxy mode
    from 0, < 1.33.13, >= 1.34.0, < 1.34.11, >= 1.35.0, < 1.35.7, >= 1.36.0, < 1.36.3
  • [LOW 3.1] CVE-2020-11767: Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue.
    from 0, < 1.14.2
  • [unscored] CVE-2025-62409: Envoy allows large requests and responses to cause TCP connection pool crash
    from 0, < 1.33.10, >= 1.34.0, < 1.34.9, >= 1.35.0, < 1.35.5, >= 1.36.0, < 1.36.1
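To run the "check your version" step offline against a deployed image, here is an added example in Python (not the listing site's own code) that parses the affected-range notation used throughout this list and reports which entries apply to a given Envoy version. The notation is read as the page writes it: in "from 0, < 1.28.7, >= 1.29.0, < 1.29.9" each "from X" or ">= X" opens a half-open interval and the following "< Y" closes it, so Y is the first release on that line outside the affected range. The five sample entries are copied from the list above; handling a Bitnami-style image tag such as 1.30.2-debian-12-r0 by taking the leading dotted-integer prefix as the upstream Envoy version is an assumption.

```python
"""Check an Envoy version against the affected-version ranges in the list above.

Added example, not the listing site's own code. Range strings are read as the
page writes them: a comma-separated sequence where 'from X' or '>= X' opens a
half-open interval and the following '< Y' closes it, so
'from 0, < 1.28.7, >= 1.29.0, < 1.29.9' means [0, 1.28.7) and [1.29.0, 1.29.9).
"""
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]
Interval = Tuple[Version, Optional[Version]]  # (low inclusive, high exclusive or None)

# Constructed sample: five entries copied verbatim from the list above.
ENTRIES: Dict[str, str] = {
    "CVE-2023-44487": "from 0, < 1.24.12, >= 1.25.0, < 1.25.11, >= 1.26.0, < 1.26.6, >= 1.27.0, < 1.27.2",
    "CVE-2024-7207": "from 0, < 1.28.7, >= 1.29.0, < 1.29.9, >= 1.30.0, < 1.30.6, >= 1.31.0, < 1.31.2",
    "CVE-2022-29226": "from 0, < 1.22.1",
    "CVE-2025-54588": ">= 1.34.0, < 1.34.5, >= 1.35.0, < 1.35.1",
    "CVE-2026-26308": "from 0, < 1.34.13, >= 1.35.0, < 1.35.9, >= 1.36.0, < 1.36.5, >= 1.37.0, < 1.37.1",
}


def parse_version(text: str) -> Version:
    """'1.30.2', 'v1.30.2' or a Bitnami-style tag '1.30.2-debian-12-r0' -> (1, 30, 2).

    Assumption: the upstream Envoy version is the leading dotted-integer prefix of
    the tag. Versions are zero-padded to three components so that '1.30' compares
    equal to '1.30.0' instead of sorting below it.
    """
    m = re.match(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def parse_ranges(spec: str) -> List[Interval]:
    """Turn the page's range string into a list of half-open intervals."""
    intervals: List[Interval] = []
    low: Optional[Version] = None
    for token in (t.strip() for t in spec.split(",")):
        if token.startswith("from "):
            low = parse_version(token[len("from "):])
        elif token.startswith(">= "):
            low = parse_version(token[len(">= "):])
        elif token.startswith("< "):
            if low is None:
                raise ValueError(f"upper bound without a lower bound in {spec!r}")
            intervals.append((low, parse_version(token[len("< "):])))
            low = None
        else:
            raise ValueError(f"unrecognised bound {token!r} in {spec!r}")
    if low is not None:
        # A trailing '>= X' with no '< Y': affected from X onward, no fixed release listed.
        intervals.append((low, None))
    return intervals


def matching_interval(version: Version, intervals: List[Interval]) -> Optional[Interval]:
    """Return the interval containing `version`, or None if it is outside all of them."""
    for low, high in intervals:
        if low <= version and (high is None or version < high):
            return (low, high)
    return None


def report(version_text: str, entries: Dict[str, str] = ENTRIES) -> Dict[str, Optional[str]]:
    """Map each CVE affecting `version_text` to the first release on its line that
    lies outside the affected range, or None when the range is open-ended."""
    version = parse_version(version_text)
    result: Dict[str, Optional[str]] = {}
    for cve, spec in entries.items():
        hit = matching_interval(version, parse_ranges(spec))
        if hit is not None:
            high = hit[1]
            result[cve] = None if high is None else ".".join(str(n) for n in high)
    return dict(sorted(result.items()))


def affected(version_text: str, entries: Dict[str, str] = ENTRIES) -> List[str]:
    """Just the CVE IDs that affect `version_text`, sorted."""
    return list(report(version_text, entries))


if __name__ == "__main__":
    for tag in ("1.30.2-debian-12-r0", "1.35.1", "1.37.1"):
        hits = report(tag)
        status = ", ".join(f"{cve} (fixed in {fix})" for cve, fix in hits.items()) or "no listed CVE"
        print(f"{tag}: {status}")
```

Two caveats when using this against the full list: an open-ended interval (a trailing ">= X" with no "< Y") means the page lists no fixed release, not that later releases are clean; and the bounds describe upstream Envoy versions, so a rebuilt image tag still inherits every range its upstream prefix falls into regardless of the distro suffix.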