{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-12T00:24:28.135","vulnerabilities":[{"cve":{"id":"CVE-2024-34364","sourceIdentifier":"security-advisories@github.com","published":"2024-06-04T21:15:34.977","lastModified":"2024-11-21T09:18:30.830","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is a cloud-native, open source edge and service proxy. Envoy exposed an out-of-memory (OOM) vector from the mirror response, since async HTTP client will buffer the response with an unbounded buffer."},{"lang":"es","value":"Envoy es un proxy de servicio y borde de código abierto, nativo de la nube. Envoy expuso un vector de falta de memoria (OOM) de la respuesta reflejada, ya que el cliente HTTP asíncrono almacenará la respuesta en un búfer ilimitado."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionEndExcluding":"1.27.6","matchCriteriaId":"1020E2E2-EDFA-4188-B17F-406904256EB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.28.0","versionEndExcluding":"1.28.4","matchCriteriaId":"E5107DA5-4BC7-4AB8-8087-0DA20021D0B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.29.0","versionEndExcluding":"1.29.5","matchCriteriaId":"34583FBC-8B38-4BBB-9E3B-7731272C0A6F"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.30.0","versionEndExcluding":"1.30.2","matchCriteriaId":"65C0355B-7FAC-4417-B707-A3CA494C20A0"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-xcj3-h7vf-fw26","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-xcj3-h7vf-fw26","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}