{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T14:23:28.488","vulnerabilities":[{"cve":{"id":"CVE-2024-53270","sourceIdentifier":"security-advisories@github.com","published":"2024-12-18T20:15:24.290","lastModified":"2025-09-04T13:47:17.810","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions `sendOverloadError` is going to assume the active request exists when `envoy.load_shed_points.http1_server_abort_dispatch` is configured. If `active_request` is nullptr, only onMessageBeginImpl() is called. However, the `onMessageBeginImpl` will directly return ok status if the stream is already reset leading to the nullptr reference. The downstream reset can actually happen during the H/2 upstream reset. As a result envoy may crash. This issue has been addressed in releases 1.32.3, 1.31.5, 1.30.9, and 1.29.12. Users are advised to upgrade. Users unable to upgrade may disable `http1_server_abort_dispatch` load shed point and/or use a high threshold."},{"lang":"es","value":"Envoy es un proxy de servicio, de borde y de medio alcance de alto rendimiento nativo de la nube. En las versiones afectadas, `sendOverloadError` asumirá que existe la solicitud activa cuando se configura `envoy.load_shed_points.http1_server_abort_dispatch`. Si `active_request` es nullptr, solo se llama a onMessageBeginImpl(). Sin embargo, `onMessageBeginImpl` devolverá directamente el estado ok si la secuencia ya se restableció y conduce a la referencia nullptr. El restablecimiento descendente puede ocurrir durante el restablecimiento ascendente de H/2. Como resultado, Envoy puede bloquearse. Este problema se ha solucionado en las versiones 1.32.3, 1.31.5, 1.30.9 y 1.29.12. Se recomienda a los usuarios que actualicen la versión. Los usuarios que no puedan actualizar pueden deshabilitar el punto de desconexión de carga `http1_server_abort_dispatch` o usar un umbral alto."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-670"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionEndExcluding":"1.29.12","matchCriteriaId":"5A36E6AD-FBE3-4C18-A627-DF988A5E51C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.30.0","versionEndExcluding":"1.30.9","matchCriteriaId":"0D053505-B0A7-4719-9AEC-15D520D1AE04"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.31.0","versionEndExcluding":"1.31.5","matchCriteriaId":"1095DF48-5B40-4A98-97B5-6E021499D800"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.32.0","versionEndExcluding":"1.32.3","matchCriteriaId":"BC2A8D30-4E42-4613-AF2F-FA99599F5454"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/pull/37743/commits/6cf8afda956ba67c9afad185b962325a5242ef02","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-q9qv-8j52-77p3","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Third Party Advisory"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-q9qv-8j52-77p3","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Third Party Advisory"]}]}}]}