Description

Envoy is a cloud-native high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy's ext_proc HTTP filter is at risk of crashing if a local reply is sent to the external server due to the filter's life time issue. A known situation is the failure of a websocket handshake will trigger a local reply leading to the crash of Envoy. This vulnerability is fixed in 1.33.1, 1.32.4, 1.31.6, and 1.30.10.

INFO

Published Date :

2025-03-21T14:49:18.113Z

Last Modified :

2025-03-21T15:15:11.034Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-30157 vulnerability.

Vendors Products
Envoyproxy
  • Envoy
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-30157.

URL Resource
https://github.com/envoyproxy/envoy/commit/8eda1b8ef5ba8663d16a737ab99458c039a9b53c cve-icon cve-icon
https://github.com/envoyproxy/envoy/security/advisories/GHSA-cf3q-gqg7-3fm9 cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact