CVE-2024-23327 | envoyproxy envoy up to 1.26.6/1.27.2/1.28.0/1.29.0 PPv2 null pointer dereference (GHSA-4h5x-x9vh-m29j)

Inserito da Angelo Barbosa | Feb 10, 2024 | CVE

A vulnerability, which was classified as problematic, was found in envoyproxy envoy up to 1.26.6/1.27.2/1.28.0/1.29.0. This affects an unknown part of the component PPv2 Handler. The manipulation leads to null pointer dereference.

This vulnerability is uniquely identified as CVE-2024-23327. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23327 | envoyproxy envoy up to 1.26.6/1.27.2/1.28.0/1.29.0 PPv2 null pointer dereference (GHSA-4h5x-x9vh-m29j)

Post correlati

CVE-2024-25864 | Friendica 2023.12 fpostit.php server-side request forgery (Issue 13877)

CVE-2024-3504 | lunary-ai lunary up to 1.2.6 access control

CVE-2023-43279 | tcpreplay 4.4.4 Tcprewrite cidr.c mask_cidr6 null pointer dereference (Issue 824)

CVE-2024-8440 | wpdevteam Essential Addons for Elementor Plugin up to 6.0.3 on WordPress Fancy Text Widget cross site scripting