CVE-2024-23322 | envoyproxy envoy up to 1.26.7/1.27.3/1.28.1/1.29.1 Timeout use after free (GHSA-6p83-mfmh-qv38)

Posted by Angelo Barbosa | Feb 10, 2024 | CVE

A vulnerability was found in envoyproxy envoy up to 1.26.7/1.27.3/1.28.1/1.29.1. It has been declared as problematic. This vulnerability affects unknown code of the component Timeout Handler. The manipulation leads to use after free.

This vulnerability was named CVE-2024-23322. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23322 | envoyproxy envoy up to 1.26.7/1.27.3/1.28.1/1.29.1 Timeout use after free (GHSA-6p83-mfmh-qv38)

Related Posts

CVE-2024-6551 | GiveWP Plugin up to 3.15.1 on WordPress information disclosure

CVE-2024-28298 | BM SOFT BMPlanning 1.0.0.1 /BMServerR.dll/BMRest SEC_IDF/LIE_IDF/PLANF_IDF/CLI_IDF/DOS_IDF sql injection

CVE-2024-6327 | Progress Telerik Report Server up to 18.1.24.514 deserialization

CVE-2024-0665 | WP Customer Area Plugin up to 8.2.2 on WordPress cross site scripting