CVE-2024-32975 – Envoy crashes in QuicheDataReader::PeekVarInt62Length()
https://notcve.org/view.php?id=CVE-2024-32975
Envoy is a cloud-native, open source edge and service proxy. There is a crash at `QuicheDataReader::PeekVarInt62Length()`. It is caused by integer underflow in the `QuicStreamSequencerBuffer::PeekRegion()` implementation. Envoy es un proxy de servicio y borde de código abierto, nativo de la nube. Hay un bloqueo en `QuicheDataReader::PeekVarInt62Length()`. • https://github.com/envoyproxy/envoy/security/advisories/GHSA-g9mq-6v96-cpqc • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVE-2024-32976 – Envoy can enter an endless loop while decompressing Brotli data with extra input
https://notcve.org/view.php?id=CVE-2024-32976
Envoy is a cloud-native, open source edge and service proxy. Envoyproxy with a Brotli filter can get into an endless loop during decompression of Brotli data with extra input. Envoy es un proxy de servicio y borde de código abierto, nativo de la nube. Envoyproxy con un filtro Brotli puede entrar en un bucle sin fin durante la descompresión de datos Brotli con entrada adicional. A flaw was found in Envoy's Brotli decompressor. • https://github.com/envoyproxy/envoy/security/advisories/GHSA-7wp5-c2vq-4f8m https://access.redhat.com/security/cve/CVE-2024-32976 https://bugzilla.redhat.com/show_bug.cgi?id=2283145 • CWE-400: Uncontrolled Resource Consumption CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2024-34362 – Envoy affected by a crash (use-after-free) in EnvoyQuicServerStream
https://notcve.org/view.php?id=CVE-2024-34362
Envoy is a cloud-native, open source edge and service proxy. There is a use-after-free in `HttpConnectionManager` (HCM) with `EnvoyQuicServerStream` that can crash Envoy. An attacker can exploit this vulnerability by sending a request without `FIN`, then a `RESET_STREAM` frame, and then after receiving the response, closing the connection. Envoy es un proxy de servicio y borde de código abierto, nativo de la nube. Hay un use-after-free en `HttpConnectionManager` (HCM) con `EnvoyQuicServerStream` que puede bloquear Envoy. • https://github.com/envoyproxy/envoy/security/advisories/GHSA-hww5-43gv-35jv • CWE-416: Use After Free •
CVE-2024-34363 – Envoy can crash due to uncaught nlohmann JSON exception
https://notcve.org/view.php?id=CVE-2024-34363
Envoy is a cloud-native, open source edge and service proxy. Due to how Envoy invoked the nlohmann JSON library, the library could throw an uncaught exception from downstream data if incomplete UTF-8 strings were serialized. The uncaught exception would cause Envoy to crash. Envoy es un proxy de servicio y borde de código abierto, nativo de la nube. Debido a cómo Envoy invocó la librería JSON de nlohmann, la librería podría generar una excepción no detectada de los datos posteriores si se serializaran cadenas UTF-8 incompletas. • https://github.com/envoyproxy/envoy/security/advisories/GHSA-g979-ph9j-5gg4 • CWE-248: Uncaught Exception •
CVE-2024-34364 – Envoy OOM vector from HTTP async client with unbounded response buffer for mirror response
https://notcve.org/view.php?id=CVE-2024-34364
Envoy is a cloud-native, open source edge and service proxy. Envoy exposed an out-of-memory (OOM) vector from the mirror response, since async HTTP client will buffer the response with an unbounded buffer. Envoy es un proxy de servicio y borde de código abierto, nativo de la nube. Envoy expuso un vector de falta de memoria (OOM) de la respuesta reflejada, ya que el cliente HTTP asíncrono almacenará la respuesta en un búfer ilimitado. • https://github.com/envoyproxy/envoy/security/advisories/GHSA-xcj3-h7vf-fw26 • CWE-400: Uncontrolled Resource Consumption CWE-787: Out-of-bounds Write •