Vulnerabilities > Envoyproxy > Envoy > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-20 | CVE-2024-45806 | Authorization Bypass Through User-Controlled Key vulnerability in Envoyproxy Envoy Envoy is a cloud-native high-performance edge/middle/service proxy. | 6.5 |
| 2024-09-20 | CVE-2024-45808 | Improper Encoding or Escaping of Output vulnerability in Envoyproxy Envoy Envoy is a cloud-native high-performance edge/middle/service proxy. | 6.5 |
| 2024-06-04 | CVE-2024-34362 | Use After Free vulnerability in Envoyproxy Envoy Envoy is a cloud-native, open source edge and service proxy. | 5.9 |
| 2024-06-04 | CVE-2024-34364 | Out-of-bounds Write vulnerability in Envoyproxy Envoy Envoy is a cloud-native, open source edge and service proxy. | 6.5 |
| 2024-02-09 | CVE-2024-23323 | Resource Exhaustion vulnerability in Envoyproxy Envoy Envoy is a high-performance edge/middle/service proxy. | 5.3 |
| 2023-07-25 | CVE-2023-35942 | Use After Free vulnerability in Envoyproxy Envoy Envoy is an open source edge and service proxy designed for cloud-native applications. | 6.5 |
| 2023-07-25 | CVE-2023-35944 | HTTP Request Smuggling vulnerability in Envoyproxy Envoy Envoy is an open source edge and service proxy designed for cloud-native applications. | 5.3 |
| 2023-04-04 | CVE-2023-27492 | Allocation of Resources Without Limits or Throttling vulnerability in Envoyproxy Envoy Envoy is an open source edge and service proxy designed for cloud-native applications. | 6.5 |
| 2022-06-09 | CVE-2022-29225 | Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Envoyproxy Envoy Envoy is a cloud-native high-performance proxy. | 5.0 |
| 2022-06-09 | CVE-2022-29226 | Missing Authentication for Critical Function vulnerability in Envoyproxy Envoy Envoy is a cloud-native high-performance proxy. | 6.4 |