BIT-envoy-2024-53271

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/envoy/BIT-envoy-2024-53271.json
JSON Data
https://api.test.osv.dev/v1/vulns/BIT-envoy-2024-53271
Aliases
Published
2024-12-20T07:08:24.205Z
Modified
2024-12-20T07:58:28.645394Z
Summary
[none]
Details

Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to upgrade. There are no known workarounds for this issue.

Database specific
{
    "cpes": [
        "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*"
    ],
    "severity": "High"
}
References

Affected packages

Bitnami / envoy

Package

Name
envoy
Purl
pkg:bitnami/envoy

Severity

  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
1.31.0
Fixed
1.31.5
Introduced
1.32.0
Fixed
1.32.3