Vulnerabilities > Envoyproxy > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-02-22 CVE-2022-21657 Unspecified vulnerability in Envoyproxy Envoy
Envoy is an open source edge and service proxy, designed for cloud-native applications.
network
low complexity
envoyproxy
6.5
6.5
2022-02-22 CVE-2022-23606 Unspecified vulnerability in Envoyproxy Envoy 1.20.0/1.20.1/1.21.0
Envoy is an open source edge and service proxy, designed for cloud-native applications.
network
low complexity
envoyproxy
6.5
6.5
2020-07-14 CVE-2020-15104 Origin Validation Error vulnerability in Envoyproxy Envoy
In Envoy before versions 1.12.6, 1.13.4, 1.14.4, and 1.15.0 when validating TLS certificates, Envoy would incorrectly allow a wildcard DNS Subject Alternative Name apply to multiple subdomains.
network
low complexity
envoyproxy CWE-346
5.4
5.4
2020-03-04 CVE-2020-8660 Insufficient Verification of Data Authenticity vulnerability in Envoyproxy Envoy
CNCF Envoy through 1.13.0 TLS inspector bypass.
network
low complexity
envoyproxy CWE-345
5.3
5.3