{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T01:58:03.010","vulnerabilities":[{"cve":{"id":"CVE-2022-21654","sourceIdentifier":"security-advisories@github.com","published":"2022-02-22T23:15:11.103","lastModified":"2024-11-21T06:45:09.843","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is an open source edge and service proxy, designed for cloud-native applications. Envoy's tls allows re-use when some cert validation settings have changed from their default configuration. The only workaround for this issue is to ensure that default tls settings are used. Users are advised to upgrade."},{"lang":"es","value":"Envoy es un proxy de borde y servicio de código abierto, diseñado para aplicaciones nativas de la nube. El tls de Envoy permite la reutilización cuando algunos ajustes de validación de cert han cambiado de su configuración por defecto. La única medida de mitigación para este problema es asegurarse de que es usada la configuración tls por defecto. Es recomendado a usuarios actualizar"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.7.0","versionEndExcluding":"1.18.6","matchCriteriaId":"62EFF3F2-C20D-497C-ADEC-9FF2FD141466"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.19.0","versionEndExcluding":"1.19.3","matchCriteriaId":"2812AC62-44B5-4077-862D-A221CD88981D"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.20.0","versionEndExcluding":"1.20.2","matchCriteriaId":"F5441B2D-F807-4ED9-AFB9-ED4DE07CE5F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.21.0","versionEndExcluding":"1.21.1","matchCriteriaId":"83895D03-DAD1-4893-8A1C-F9143DEEC172"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/commit/e9f936d85dc1edc34fabd0a1725ec180f2316353","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-5j4x-g36v-m283","source":"security-advisories@github.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/envoyproxy/envoy/commit/e9f936d85dc1edc34fabd0a1725ec180f2316353","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-5j4x-g36v-m283","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]}]}}]}