Description
Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.34.0 until 1.35.13, 1.36.9, 1.37.5, and 1.38.3, Envoy crashes if an ext_proc server sends a single gRPC message containing multiple, specially crafted ProcessingResponse messages. This can occur when the first response in the batch causes the gRPC stream object to be destroyed, leading to a use-after-free error when Envoy attempts to process subsequent responses in the same gRPC message. This vulnerability is fixed in 1.35.13, 1.36.9, 1.37.5, and 1.38.3.
Remediation
References
Related Vulnerabilities
Joomla! Core 3.x.x Multiple Cross-Site Scripting Vulnerabilities (3.0.0 - 3.8.7)
Atlassian Jira Improper Privilege Management Vulnerability (CVE-2018-13400)
IBMHttpServer Other Vulnerability (CVE-2006-3918)
TYPO3 Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2025-59016)