Vulnerabilities > Envoyproxy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-01 | CVE-2020-12604 | Memory Leak vulnerability in Envoyproxy Envoy Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream. | 7.5 |
| 2020-07-01 | CVE-2020-12603 | Resource Exhaustion vulnerability in Envoyproxy Envoy Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. | 7.5 |
| 2020-04-15 | CVE-2020-11767 | Istio through 1.5.1 and Envoy through 1.14.1 have a data-leak issue. | 3.1 |
| 2020-03-04 | CVE-2020-8660 | Insufficient Verification of Data Authenticity vulnerability in Envoyproxy Envoy CNCF Envoy through 1.13.0 TLS inspector bypass. | 5.3 |
| 2019-12-13 | CVE-2019-18838 | NULL Pointer Dereference vulnerability in Envoyproxy Envoy An issue was discovered in Envoy 1.12.0. | 7.5 |
| 2019-12-13 | CVE-2019-18802 | Unspecified vulnerability in Envoyproxy Envoy An issue was discovered in Envoy 1.12.0. | 9.8 |
| 2019-12-13 | CVE-2019-18801 | Out-of-bounds Write vulnerability in Envoyproxy Envoy An issue was discovered in Envoy 1.12.0. | 9.8 |
| 2019-11-11 | CVE-2019-18836 | Infinite Loop vulnerability in multiple products Envoy 1.12.0 allows a remote denial of service because of resource loops, as demonstrated by a single idle TCP connection being able to keep a worker thread in an infinite busy loop when continue_on_listener_filters_timeout is used." | 7.5 |
| 2019-10-09 | CVE-2019-15226 | Resource Exhaustion vulnerability in Envoyproxy Envoy Upon receiving each incoming request header data, Envoy will iterate over existing request headers to verify that the total size of the headers stays below a maximum limit. | 7.5 |
| 2019-08-19 | CVE-2019-15225 | Allocation of Resources Without Limits or Throttling vulnerability in Envoyproxy Envoy In Envoy through 1.11.1, users may configure a route to match incoming path headers via the libstdc++ regular expression implementation. | 7.5 |