CVE Alert: CVE-2025-30157

Vulnerability Summary: CVE-2025-30157
Envoy is a cloud-native high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy’s ext_proc HTTP filter is at risk of crashing if a local reply is sent to the external server, due to a lifetime issue in the filter. One known trigger is a failed websocket handshake, which produces a local reply and crashes Envoy. This vulnerability is fixed in 1.33.1, 1.32.4, 1.31.6, and 1.30.10.
Affected Endpoints:
No affected endpoints listed.
Published Date:
3/21/2025, 3:15:43 PM
⚠️ CVSS Score:
Exploit Status:
Not Exploited
References:
- https://github.com/envoyproxy/envoy/commit/8eda1b8ef5ba8663d16a737ab99458c039a9b53c
- https://github.com/envoyproxy/envoy/security/advisories/GHSA-cf3q-gqg7-3fm9
Recommended Action:
No proposed action available. Please refer to vendor documentation for updates.