x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: GHSA-cf3q-gqg7-3fm9 #3544

GoVulnBot · 2025-03-21T16:01:33Z

Advisory GHSA-cf3q-gqg7-3fm9 references a vulnerability in the following Go modules:

Module
github.com/envoyproxy/envoy

Description:

Summary

Envoy's ext_proc HTTP filter is at risk of crashing if a local reply is sent to the external server due to the filter's life time issue. A known situation is the fail of a websocket handshake will trigger a local reply leading to the crash of Envoy.

PoC

If both websocket and ext_proc are enabled, a failed handshake will trigger a local reply, thus ext_proc will crash.

Mitigation

Disable websocket traffic
Change the websocket response from backend to always return 101 Switch protocol based on RFC.
Apply the patch and the ext_proc filter will not send the local r...

References:

ADVISORY: GHSA-cf3q-gqg7-3fm9
ADVISORY: GHSA-cf3q-gqg7-3fm9
ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2025-30157
FIX: envoyproxy/envoy@8eda1b8

Cross references:

github.com/envoyproxy/envoy appears in 70 other report(s):
- data/excluded/GO-2022-0330.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2021-43824 #330) NOT_GO_CODE
- data/excluded/GO-2022-0331.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2021-43825 #331) NOT_GO_CODE
- data/excluded/GO-2022-0332.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2021-43826 #332) NOT_GO_CODE
- data/excluded/GO-2022-0333.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2022-21654 #333) NOT_GO_CODE
- data/excluded/GO-2022-0334.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2022-21655 #334) NOT_GO_CODE
- data/excluded/GO-2022-0335.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2022-21656 #335) NOT_GO_CODE
- data/excluded/GO-2022-0336.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2022-21657 #336) NOT_GO_CODE
- data/excluded/GO-2022-0337.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2022-23606 #337) NOT_GO_CODE
- data/excluded/GO-2022-0484.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2022-29224 #484) NOT_GO_CODE
- data/excluded/GO-2022-0485.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2022-29225 #485) NOT_GO_CODE
- data/excluded/GO-2022-0486.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2022-29226 #486) NOT_GO_CODE
- data/excluded/GO-2022-0487.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2022-29227 #487) NOT_GO_CODE
- data/excluded/GO-2022-0488.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2022-29228 #488) NOT_GO_CODE
- data/excluded/GO-2023-1690.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2023-27487 #1690) NOT_GO_CODE
- data/excluded/GO-2023-1691.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2023-27488 #1691) NOT_GO_CODE
- data/excluded/GO-2023-1692.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2023-27491 #1692) NOT_GO_CODE
- data/excluded/GO-2023-1693.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2023-27492 #1693) NOT_GO_CODE
- data/excluded/GO-2023-1694.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2023-27493 #1694) NOT_GO_CODE
- data/excluded/GO-2023-1695.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2023-27496 #1695) NOT_GO_CODE
- data/excluded/GO-2023-1917.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2023-35945 #1917) NOT_GO_CODE
- data/excluded/GO-2023-1921.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: GHSA-2wmf-p7f8-w42h #1921) NOT_GO_CODE
- data/excluded/GO-2023-1966.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2023-35941 #1966) NOT_GO_CODE
- data/excluded/GO-2023-1968.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2023-35942 #1968) NOT_GO_CODE
- data/excluded/GO-2023-1969.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2023-35943 #1969) NOT_GO_CODE
- data/excluded/GO-2023-1970.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2023-35944 #1970) NOT_GO_CODE
- data/excluded/GO-2023-2106.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2023-44487 #2106) NOT_GO_CODE
- data/excluded/GO-2023-2242.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2019-15226 #2242) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2247.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2019-18801 #2247) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2248.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2019-18802 #2248) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2249.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2019-18836 #2249) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2250.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2019-18838 #2250) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2260.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2019-9900 #2260) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2273.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-12603 #2273) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2274.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-12604 #2274) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2275.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-12605 #2275) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2279.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-15104 #2279) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2291.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-25017 #2291) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2292.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-25018 #2292) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2301.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-35470 #2301) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2302.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-35471 #2302) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2307.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-8659 #2307) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2308.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-8660 #2308) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2309.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-8661 #2309) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2310.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-8663 #2310) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2023-2311.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2020-8664 #2311) LEGACY_FALSE_POSITIVE
- data/excluded/GO-2024-2542.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-23322 #2542) NOT_GO_CODE
- data/excluded/GO-2024-2543.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-23323 #2543) NOT_GO_CODE
- data/excluded/GO-2024-2544.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-23324 #2544) NOT_GO_CODE
- data/excluded/GO-2024-2545.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-23325 #2545) NOT_GO_CODE
- data/excluded/GO-2024-2546.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-23327 #2546) NOT_GO_CODE
- data/excluded/GO-2024-2710.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-27919 #2710) NOT_GO_CODE
- data/excluded/GO-2024-2713.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-30255 #2713) NOT_GO_CODE
- data/excluded/GO-2024-2735.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-32475 #2735) NOT_GO_CODE
- data/excluded/GO-2024-2890.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-23326 #2890) NOT_GO_CODE
- data/excluded/GO-2024-2892.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-32974 #2892) NOT_GO_CODE
- data/excluded/GO-2024-2893.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-32975 #2893) NOT_GO_CODE
- data/excluded/GO-2024-2894.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-32976 #2894) NOT_GO_CODE
- data/excluded/GO-2024-2895.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-34362 #2895) NOT_GO_CODE
- data/excluded/GO-2024-2896.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-34363 #2896) NOT_GO_CODE
- data/excluded/GO-2024-2897.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-34364 #2897) NOT_GO_CODE
- data/excluded/GO-2024-2960.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-39305 #2960) NOT_GO_CODE
- data/excluded/GO-2024-3144.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-7207 #3144) NOT_GO_CODE
- data/excluded/GO-2024-3145.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-45806 #3145) NOT_GO_CODE
- data/excluded/GO-2024-3146.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-45807 #3146) NOT_GO_CODE
- data/excluded/GO-2024-3147.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-45808 #3147) NOT_GO_CODE
- data/excluded/GO-2024-3148.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-45809 #3148) NOT_GO_CODE
- data/excluded/GO-2024-3149.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-45810 #3149) NOT_GO_CODE
- data/excluded/GO-2024-3345.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-53269 #3345) NOT_GO_CODE
- data/excluded/GO-2024-3346.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-53270 #3346) NOT_GO_CODE
- data/excluded/GO-2024-3347.yaml (x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-53271 #3347) NOT_GO_CODE

See doc/quickstart.md for instructions on how to triage this report.

id: GO-ID-PENDING
modules:
    - module: github.com/envoyproxy/envoy
      versions:
        - fixed: 1.30.10
        - introduced: 1.31.0
        - fixed: 1.31.6
        - introduced: 1.32.0
        - fixed: 1.32.4
        - introduced: 1.33.0
        - fixed: 1.33.1
      vulnerable_at: 1.33.0
summary: Envoy crashes when HTTP ext_proc processes local replies in github.com/envoyproxy/envoy
cves:
    - CVE-2025-30157
ghsas:
    - GHSA-cf3q-gqg7-3fm9
references:
    - advisory: https://github.com/advisories/GHSA-cf3q-gqg7-3fm9
    - advisory: https://github.com/envoyproxy/envoy/security/advisories/GHSA-cf3q-gqg7-3fm9
    - advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-30157
    - fix: https://github.com/envoyproxy/envoy/commit/8eda1b8ef5ba8663d16a737ab99458c039a9b53c
source:
    id: GHSA-cf3q-gqg7-3fm9
    created: 2025-03-21T16:01:33.60117419Z
review_status: UNREVIEWED

The text was updated successfully, but these errors were encountered:

GoVulnBot added the NeedsTriage label Mar 21, 2025

thatnealpatel added possibly not Go triaged and removed NeedsTriage labels Mar 25, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: GHSA-cf3q-gqg7-3fm9 #3544

x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: GHSA-cf3q-gqg7-3fm9 #3544

GoVulnBot commented Mar 21, 2025

x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: GHSA-cf3q-gqg7-3fm9 #3544

x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: GHSA-cf3q-gqg7-3fm9 #3544

Comments

GoVulnBot commented Mar 21, 2025

Summary

PoC

Mitigation