Описание
Envoy is a cloud-native, open source edge and service proxy. Due to how Envoy invoked the nlohmann JSON library, the library could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The uncaught exception would cause Envoy to crash.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.28.0 (включая) до 1.28.4 (исключая)Версия от 1.29.0 (включая) до 1.29.5 (исключая)Версия от 1.30.0 (включая) до 1.30.2 (исключая)
Одно из
cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*
cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*
cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.00028
Низкий
7.5 High
CVSS3
Дефекты
CWE-248
NVD-CWE-Other
Связанные уязвимости
CVSS3: 7.5
redhat
больше 1 года назад
Envoy is a cloud-native, open source edge and service proxy. Due to how Envoy invoked the nlohmann JSON library, the library could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The uncaught exception would cause Envoy to crash.
CVSS3: 7.5
debian
больше 1 года назад
Envoy is a cloud-native, open source edge and service proxy. Due to ho ...
EPSS
Процентиль: 8%
0.00028
Низкий
7.5 High
CVSS3
Дефекты
CWE-248
NVD-CWE-Other