VYPR
Vendor

CNCF

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2020-8661HigMar 4, 2020
    risk 0.49cvss 7.5epss 0.02

    CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests.

  • CVE-2020-8664MedMar 4, 2020
    risk 0.35cvss 5.3epss 0.01

    CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the “static” part of the validation context to be…

  • CVE-2020-8660MedMar 4, 2020
    risk 0.34cvss 5.3epss 0.01

    CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could have been bypassed (not recognized as a TLS client) by a client using only TLS 1.3. Because TLS extensions (SNI, ALPN) were not inspected, those connections might have been matched to a wrong filter chain,…