CVE-2025-30157

Good to know:

Date: March 21, 2025

Envoy is a cloud-native, high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy's ext_proc HTTP filter is at risk of crashing if a local reply is sent to the external server, due to a lifetime issue in the filter. A known trigger is a failed WebSocket handshake, which causes a local reply that leads to Envoy crashing. This vulnerability is fixed in 1.33.1, 1.32.4, 1.31.6, and 1.30.10.

Severity Score

Weakness Type (CWE)

Improper Cleanup on Thrown Exception

CWE-460

Top Fix

Upgrade Version

Upgrade to one of the following versions:
github.com/envoyproxy/envoy - v1.30.10
github.com/envoyproxy/envoy - v1.31.6
github.com/envoyproxy/envoy - v1.32.4
github.com/envoyproxy/envoy - v1.33.1
https://github.com/envoyproxy/envoy.git - v1.30.10
https://github.com/envoyproxy/envoy.git - v1.31.6
https://github.com/envoyproxy/envoy.git - v1.32.4
https://github.com/envoyproxy/envoy.git - v1.33.1

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): HIGH
