SecuriTricks - CVE-2025-30157

Description

Envoy is a cloud-native high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy's ext_proc HTTP filter is at risk of crashing if a local reply is sent to the external server due to the filter's life time issue. A known situation is the failure of a websocket handshake will trigger a local reply leading to the crash of Envoy. This vulnerability is fixed in 1.33.1, 1.32.4, 1.31.6, and 1.30.10.

Product(s) Impacted

Vendor	Product	Versions
Envoy	Envoy	<1.30.10, <1.31.6, <1.32.4, <1.33.1

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-460

Improper Cleanup on Thrown Exception

The product does not clean up its state or incorrectly cleans up its state when an exception is thrown, leading to unexpected state or control flow.

*CPE(s)

Affected systems and software identified for this CVE.

Type	Vendor	Product	Version	Update	Edition	Language	Software Edition	Target Software	Target Hardware	Other Information
a	envoy	envoy	<1.30.10	/	/	/	/	/	/	/
a	envoy	envoy	<1.31.6	/	/	/	/	/	/	/
a	envoy	envoy	<1.32.4	/	/	/	/	/	/	/
a	envoy	envoy	<1.33.1	/	/	/	/	/	/	/

References

https://github.com/envoyproxy/envoy/commit/8eda1b8ef5ba8663d16a737ab99458c039a9b53c

https://github.com/envoyproxy/envoy/security/advisories/GHSA-cf3q-gqg7-3fm9

CVSS Score

6.5 / 10

CVSS Data - 3.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

View Vector String

Timeline

Published: March 21, 2025, 3:15 p.m.
Last Modified: March 21, 2025, 4:15 p.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

security-advisories@github.com

CVE-2025-30157