{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-15T07:14:32.177","vulnerabilities":[{"cve":{"id":"CVE-2021-43825","sourceIdentifier":"security-advisories@github.com","published":"2022-02-22T23:15:10.890","lastModified":"2024-11-21T06:29:52.517","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is an open source edge and service proxy, designed for cloud-native applications. Sending a locally generated response must stop further processing of request or response data. Envoy tracks the amount of buffered request and response data and, if the amount of buffered data is over the limit, aborts the request by sending a 413 or 500 response. However, when the buffer overflows while a response is being processed by the filter chain, the operation may not be aborted correctly, which can result in access to a freed memory block (use-after-free). If this happens, Envoy will crash, resulting in a denial of service."},{"lang":"es","value":"Envoy es un proxy de borde y servicio de código abierto, diseñado para aplicaciones nativas de la nube. El envío de una respuesta generada localmente debe detener el procesamiento posterior de los datos de petición o respuesta. Envoy realiza un seguimiento de la cantidad de datos de petición y respuesta almacenados en el búfer y aborta la petición si la cantidad de datos almacenados en el búfer supera el límite enviando 413 o 500 respuestas. Sin embargo, cuando el búfer es desbordado mientras la respuesta es procesada por la cadena de filtros, es posible que la operación no sea abortada correctamente y que sea accedido a un bloque de memoria liberado. 
Si esto ocurre, Envoy será bloqueado resultando en una denegación de servicio"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionEndExcluding":"1.18.6","matchCriteriaId":"0EFC93D0-C206-417C-81D0-F18145E3D768"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.19.0","versionEndExcluding":"1.19.3","matc
hCriteriaId":"2812AC62-44B5-4077-862D-A221CD88981D"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.20.0","versionEndExcluding":"1.20.2","matchCriteriaId":"F5441B2D-F807-4ED9-AFB9-ED4DE07CE5F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.21.0","versionEndExcluding":"1.21.1","matchCriteriaId":"83895D03-DAD1-4893-8A1C-F9143DEEC172"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/commit/148de954ed3585d8b4298b424aa24916d0de6136","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-h69p-g6xg-mhhh","source":"security-advisories@github.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/envoyproxy/envoy/commit/148de954ed3585d8b4298b424aa24916d0de6136","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-h69p-g6xg-mhhh","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]}]}}]}