envoyproxy/envoy vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the https://github.com/envoyproxy/envoy package. This does not include vulnerabilities belonging to this package’s dependencies.

Each entry lists severity (C = Critical, H = High, M = Medium, L = Low), vulnerability, and vulnerable version ranges.
  • M
Always-Incorrect Control Flow Implementation

[1.30.0,1.30.8)[1.31.0,1.31.4)[1.32.0,1.32.2)
  • H
Always-Incorrect Control Flow Implementation

[,1.29.12)[1.30.0,1.30.9)[1.31.0,1.31.5)[1.32.0,1.32.3)
  • H
Always-Incorrect Control Flow Implementation

[1.31.0,1.31.5)[1.32.0,1.32.3)
  • M
Improper Output Neutralization for Logs

[,1.28.7)[1.29.0,1.29.9)[1.30.0,1.30.6)[1.31.0,1.31.2)
  • M
Authorization Bypass Through User-Controlled Key

[,1.28.7)[1.29.0,1.29.9)[1.30.0,1.30.6)[1.31.0,1.31.2)
  • H
Always-Incorrect Control Flow Implementation

[,1.31.2)
  • H
Improper Input Validation

[,1.28.7)[1.29.0,1.29.9)[1.30.0,1.30.6)[1.31.0,1.31.2)
  • H
Improper Restriction of Operations within the Bounds of a Memory Buffer

[,1.28.7)[1.29.0,1.29.9)[1.30.0,1.30.6)[1.31.0,1.31.2)
  • M
Improper Restriction of Operations within the Bounds of a Memory Buffer

[,1.29.9)[1.30.0,1.30.6)[1.31.0,1.31.2)
  • M
Use After Free

[,1.27.7)[1.28.0,1.28.5)[1.29.0,1.29.7)[1.30.0,1.30.4)
  • M
Use After Free

[1.18.0,1.27.6)[1.28.0,1.28.4)[1.29.0,1.29.5)[1.30.0,1.30.2)
  • H
Uncaught Exception

[1.28.0,1.28.4)[1.29.0,1.29.5)[1.30.0,1.30.2)
  • M
Integer Underflow

[1.18.0,1.27.6)[1.28.0,1.28.4)[1.29.0,1.29.5)[1.30.0,1.30.2)
  • M
Uncontrolled Resource Consumption ('Resource Exhaustion')

[1.18.0,1.27.6)[1.28.0,1.28.4)[1.29.0,1.29.5)[1.30.0,1.30.2)
  • M
Use After Free

[1.18.0,1.27.6)[1.28.0,1.28.4)[1.29.0,1.29.5)[1.30.0,1.30.2)
  • M
Improper Check for Unusual or Exceptional Conditions

[1.18.0,1.27.6)[1.28.0,1.28.4)[1.29.0,1.29.5)[1.30.0,1.30.2)
  • H
Loop with Uncontrolled Resource Consumption ('Loop with Uncontrolled Resource Consumption')

[1.18.0,1.27.6)[1.28.0,1.28.4)[1.29.0,1.29.5)[1.30.0,1.30.2)
  • H
Improper Check for Unusual or Exceptional Conditions

[1.13.0,1.27.5)[1.28.0,1.28.3)[1.29.0,1.29.4)[1.30.0,1.30.1)
  • H
Detection of Error Condition Without Action

[1.29.0,1.29.2)
  • M
Uncontrolled Resource Consumption ('Resource Exhaustion')

[,1.26.8)[1.27.0,1.27.4)[1.28.0,1.28.2)[1.29.0,1.29.3)
  • M
Inefficient CPU Computation

[,1.26.7)[1.27.0,1.27.3)[1.28.0,1.28.1)[1.29.0,1.29.1)
  • H
Uncaught Exception

[,1.26.7)[1.27.0,1.27.3)[1.28.0,1.28.1)[1.29.0,1.29.1)
  • H
NULL Pointer Dereference

[,1.26.7)[1.27.0,1.27.3)[1.28.0,1.28.1)[1.29.0,1.29.1)
  • H
Use After Free

[,1.26.7)[1.27.0,1.27.3)[1.28.0,1.28.1)[1.29.0,1.29.1)
  • H
Improper Input Validation

[,1.26.7)[1.27.0,1.27.3)[1.28.0,1.28.1)[1.29.0,1.29.1)
  • H
Denial of Service (DoS)

[,1.24.11)[1.25.0,1.25.10)[1.26.0,1.26.5)[1.27.0,1.27.1)
  • H
Improper Handling of Case Sensitivity

[,1.23.12)[1.24.0,1.24.10)[1.25.0,1.25.9)[1.26.0,1.26.4)
  • H
Incorrect Implementation of Authentication Algorithm

[,1.23.12)[1.24.0,1.24.10)[1.25.0,1.25.9)[1.26.0,1.26.4)
  • M
Denial of Service (DoS)

[,1.23.12)[1.24.0,1.24.10)[1.25.0,1.25.9)[1.26.0,1.26.4)
  • H
Use After Free

[,1.23.12)[1.24.0,1.24.10)[1.25.0,1.25.9)[1.26.0,1.26.4)
  • H
Denial of Service (DoS)

[,1.21.11)[1.24.0,1.24.9)[1.25.0,1.25.8)[1.26.0,1.26.3)
  • H
Improper Input Validation

[,1.22.9)[1.23.0,1.23.6)[1.24.0,1.24.4)[1.25.0,1.25.3)
  • M
Improper Input Validation

[,1.22.9)[1.23.0,1.23.6)[1.24.0,1.24.4)[1.25.0,1.25.3)
  • M
Allocation of Resources Without Limits or Throttling

[,1.22.9)[1.23.0,1.23.6)[1.24.0,1.24.4)[1.25.0,1.25.3)
  • M
Access Restriction Bypass

[,1.22.9)[1.23.0,1.23.6)[1.24.0,1.24.4)[1.25.0,1.25.3)
  • H
Access Restriction Bypass

[,1.22.9)[1.23.0,1.23.6)[1.24.0,1.24.4)[1.25.0,1.25.3)
  • M
Open Redirect

[,1.22.9)[1.23.0,1.23.6)[1.24.0,1.24.4)[1.25.0,1.25.3)
  • H
Use After Free

[,1.22.1)
  • C
Missing Authentication for Critical Function

[,1.22.1)
  • H
NULL Pointer Dereference

[,1.22.1)
  • H
Use After Free

[,1.22.1)
  • H
Data Amplification

[,1.22.1)
  • H
Denial of Service (DoS)

[1.18.0,1.18.6)[1.19.0,1.19.3)[1.20.0,1.20.2)[1.21.0,1.21.1)
  • H
Race Condition

[1.18.0,1.18.6)[1.19.0,1.19.3)[1.20.0,1.20.2)[1.21.0,1.21.1)
  • M
Denial of Service (DoS)

[1.20.0,1.20.2)[1.21.0,1.21.1)
  • L
Improper Certificate Validation

[,1.20.2)
  • M
Improper Certificate Validation

[1.18.0,1.18.6)[1.19.0,1.19.3)[1.20.0,1.20.2)
  • M
Use After Free

[1.18.0,1.18.6)[1.19.0,1.19.3)[1.20.0,1.20.2)[1.21.0,1.21.1)
  • M
Use After Free

[1.18.0,1.18.6)[1.19.0,1.19.3)[1.20.0,1.20.2)[1.21.0,1.21.1)
  • H
Denial of Service (DoS)

[,1.18.6)[1.19.0,1.19.3)[1.20.0,1.20.2)[1.21.0,1.21.1)
  • H
Access Restriction Bypass

[0,1.17.1)
  • H
Denial of Service (DoS)

[,1.16.1)
  • H
Denial of Service (DoS)

[0,)
  • M
User Impersonation

[,1.12.6)[1.13.0,1.13.4)[1.14.0,1.14.4)
  • H
Denial of Service (DoS)

[,1.12.5)[1.13.0,1.13.3)[1.14.0,1.14.3)
  • C
Out-of-bounds Write

[,1.12.2)
  • H
NULL Pointer Dereference

[,1.12.2)
  • H
Incorrect Authorization

[1.16.0,1.16.5)[1.17.0,1.17.4)[1.18.0,1.18.4)[1.19.0,1.91.1)
  • H
CVE-2020-35470

[,1.16.1)
  • H
Denial of Service (DoS)

[,1.11.2)
  • H
Out-of-Bounds

[1.16.0,1.16.5)[1.17.0,1.17.4)[1.18.0,1.18.4)[1.19.0,1.91.1)
  • H
Arbitrary Code Injection

[,1.9.1)
  • H
Denial of Service (DoS)

[1.16.0,1.16.5)[1.17.0,1.17.4)[1.18.0,1.18.4)[1.19.0,1.91.1)
  • H
Out-of-Bounds

[,1.12.5)
  • H
CVE-2020-25017

[,1.12.7)[1.13.0,1.13.4)[1.14.0,1.14.4)[1.15.0,1.15.1)
  • C
Race Condition

[,1.9.1)
  • H
Improper Check for Unusual or Exceptional Conditions

[1.18.0,1.18.4)[1.19.0,1.91.1)
  • H
NULL Pointer Dereference

[0,1.17.2)
  • H
Directory Traversal

[,1.15.5)[1.16.0,1.16.4)[1.17.0,1.17.3)[1.18.0,1.18.3)
  • H
Incorrect Authorization

[1.16.0,1.16.5)[1.17.0,1.17.4)[1.18.0,1.18.4)[1.19.0,1.91.1)
  • H
Denial of Service (DoS)

[,1.16.5)[1.17.0,1.17.4)[1.18.0,1.18.4)
  • H
Denial of Service (DoS)

[0,1.17.2)
  • H
Denial of Service (DoS)

[0,1.12.1)
  • H
Denial of Service (DoS)

[,1.12.5)
  • H
Improper Check for Unusual or Exceptional Conditions

[,1.18.4)
  • H
Incorrect Authorization

[,1.16.5)[1.17.0,1.17.4)[1.18.0,1.18.4)
  • H
Integer Overflow or Wraparound

[0,1.17.2)
  • L
Information Exposure

[,1.14.2)
  • M
Insufficient Verification of Data Authenticity

[,1.12.3)[1.13.0,1.13.1)
  • C
CVE-2019-18802

[,1.12.2)
  • H
Denial of Service (DoS)

[,1.12.5)