Vulnerabilities > Envoyproxy > Envoy > 1.14.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-15 | CVE-2020-35471 | Unspecified vulnerability in Envoyproxy Envoy Envoy before 1.16.1 mishandles dropped and truncated datagrams, as demonstrated by a segmentation fault for a UDP packet size larger than 1500. | 5.0 |
| 2020-12-15 | CVE-2020-35470 | Unspecified vulnerability in Envoyproxy Envoy Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. low complexity envoyproxy | 5.8 |
| 2020-10-01 | CVE-2020-25017 | Unspecified vulnerability in Envoyproxy Envoy Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. | 8.3 |
| 2020-07-14 | CVE-2020-15104 | Origin Validation Error vulnerability in Envoyproxy Envoy In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when validating TLS certificates, Envoy would incorrectly allow a wildcard DNS Subject Alternative Name apply to multiple subdomains. | 5.5 |
| 2020-07-01 | CVE-2020-8663 | Resource Exhaustion vulnerability in Envoyproxy Envoy Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descriptors and/or memory when accepting too many connections. | 5.0 |
| 2020-04-15 | CVE-2020-11767 | Information Exposure vulnerability in multiple products Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue. | 2.6 |