Количество 8
Количество 8
CVE-2023-35942
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.
CVE-2023-35942
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update.
CVE-2023-35942
Envoy is an open source edge and service proxy designed for cloud-nati ...
BDU:2023-04198
Уязвимость прокси-сервера Envoy, связанная с ошибкой использования после освобождения, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании» (DoS)
ELSA-2023-12781
ELSA-2023-12781: istio security update (IMPORTANT)
ELSA-2023-12780
ELSA-2023-12780: istio security update (IMPORTANT)
ELSA-2023-12772
ELSA-2023-12772: olcne security update (IMPORTANT)
ELSA-2023-12771
ELSA-2023-12771: istio security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-35942 Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update. | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
 | CVE-2023-35942 Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update. | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
| CVE-2023-35942 Envoy is an open source edge and service proxy designed for cloud-nati ... | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
 | BDU:2023-04198 Уязвимость прокси-сервера Envoy, связанная с ошибкой использования после освобождения, позволяющая нарушителю выполнить атаку типа «отказ в обслуживании» (DoS) | CVSS3: 6.5 | 0% Низкий | около 2 лет назад |
| ELSA-2023-12781 ELSA-2023-12781: istio security update (IMPORTANT) | около 2 лет назад | ||
| ELSA-2023-12780 ELSA-2023-12780: istio security update (IMPORTANT) | около 2 лет назад | ||
| ELSA-2023-12772 ELSA-2023-12772: olcne security update (IMPORTANT) | около 2 лет назад | ||
| ELSA-2023-12771 ELSA-2023-12771: istio security update (IMPORTANT) | около 2 лет назад |
Уязвимостей на страницу