| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-29228 | Reachable assertion in Envoy | envoyproxy | envoy | High | 7.5 | 2022-06-09 19:20:13 | Deep Dive |
| CVE-2022-29225 | Zip bomb vulnerability in Envoy | envoyproxy | envoy | High | 7.5 | 2022-06-09 19:15:14 | Deep Dive |
| CVE-2022-29224 | Segmentation fault leading to crash in Envoy | envoyproxy | envoy | Medium | 5.9 | 2022-06-09 19:10:10 | Deep Dive |
| CVE-2021-43826 | Crash when tunneling TCP over HTTP in Envoy | envoyproxy | envoy | High | 7.5 | 2022-02-22 22:45:22 | Deep Dive |
| CVE-2021-43825 | Use-after-free in Envoy | envoyproxy | envoy | Medium | 6.1 | 2022-02-22 22:45:12 | Deep Dive |
| CVE-2022-21655 | Incorrect handling of internal redirects results in crash in Envoy | envoyproxy | envoy | High | 7.5 | 2022-02-22 22:40:11 | Deep Dive |
| CVE-2022-21654 | Incorrect configuration handling allows TLS session re-use without re-validation in Envoy | envoyproxy | envoy | High | 7.4 | 2022-02-22 22:35:11 | Deep Dive |
| CVE-2022-21657 | X.509 Extended Key Usage and Trust Purposes bypass in Envoy | envoyproxy | envoy | Medium | 6.8 | 2022-02-22 22:30:12 | Deep Dive |
| CVE-2022-21656 | X.509 subjectAltName matching bypass in Envoy | envoyproxy | envoy | High | 7.4 | 2022-02-22 22:25:11 | Deep Dive |
| CVE-2022-23606 | Crash when a cluster is deleted in Envoy | envoyproxy | envoy | Medium | 4.4 | 2022-02-22 22:20:13 | Deep Dive |
| CVE-2021-43824 | Null pointer dereference in envoy | envoyproxy | envoy | High | 7.5 | 2022-02-22 22:15:10 | Deep Dive |
| CVE-2021-32780 | Incorrect handling of H/2 GOAWAY followed by SETTINGS frames | envoyproxy | envoy | High | 8.6 | 2021-08-24 20:55:10 | Deep Dive |
| CVE-2021-32781 | Continued processing of requests after locally generated response | envoyproxy | envoy | High | 8.6 | 2021-08-24 20:50:10 | Deep Dive |
| CVE-2021-32779 | Incorrectly handling of URI '#fragment' element as part of the path element | envoyproxy | envoy | High | 8.6 | 2021-08-24 20:45:09 | Deep Dive |
| CVE-2021-32778 | Excessive CPU utilization when closing HTTP/2 streams | envoyproxy | envoy | Medium | 5.8 | 2021-08-24 20:30:11 | Deep Dive |
| CVE-2021-32777 | Incorrect concatenation of multiple value request headers in ext-authz extension | envoyproxy | envoy | High | 8.6 | 2021-08-24 20:25:09 | Deep Dive |
| CVE-2021-29492 | Bypass of path matching rules using escaped slash characters | envoyproxy | envoy | High | 8.1 | 2021-05-28 21:00:24 | Deep Dive |
| CVE-2021-21378 | JWT authentication bypass with unknown issuer token | envoyproxy | envoy | High | 8.2 | 2021-03-11 02:40:14 | Deep Dive |
| CVE-2020-15104 | TLS Validation Vulnerability in Envoy | envoyproxy | envoy | Medium | 4.6 | 2020-07-14 22:05:14 | Deep Dive |
| CVE-2020-10739 | Istio 代码问题漏洞 | istio.io | istio/envoy | High | 7.5 | 2020-06-02 12:22:15 | Deep Dive |