GO-2025-3504
- Source
- https://pkg.go.dev/vuln/GO-2025-3504
- Import Source
- https://vuln.go.dev/ID/GO-2025-3504.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GO-2025-3504
- Aliases
- Related
- Published
- 2025-03-10T19:01:10Z
- Modified
- 2026-02-01T18:07:21.146372Z
- Summary
- Envoy Gateway Log Injection Vulnerability in github.com/envoyproxy/gateway
- Details
-
Envoy Gateway Log Injection Vulnerability in github.com/envoyproxy/gateway
- Database specific
{ "review_status": "UNREVIEWED", "url": "https://pkg.go.dev/vuln/GO-2025-3504" }- References
-
- https://github.com/envoyproxy/gateway/security/advisories/GHSA-mf24-chxh-hmvj
- https://nvd.nist.gov/vuln/detail/CVE-2025-25294
- https://github.com/envoyproxy/gateway/commit/041d474a70d5921e5d65e6e14ea60e14dac70b01
- https://github.com/envoyproxy/gateway/commit/358bed50dcb7b32f39a2edb252fb1399c7fc65dc
- https://github.com/envoyproxy/gateway/commit/8f48f5199cf1bbb9a8ac0695c5171bfef6c9198a
- https://github.com/envoyproxy/gateway/releases/tag/v1.2.7
- https://github.com/envoyproxy/gateway/releases/tag/v1.3.1
Affected packages
Go / github.com/envoyproxy/gateway
Package
- Name
- github.com/envoyproxy/gateway
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/envoyproxy/gateway