github.com/envoyproxy/gateway

Go2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/envoyproxy/gatewaypage 1 of 1

CVE-2025-24030HIGHCVSS 7.1EG 7.1✓ Fixed in 1.2.6
2025-01-23
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack to execute Envoy Admin interface command…
CVE-2025-25294MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.2.7
2025-03-06
Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. In all Envoy Gateway versions prior to 1.2.7 and 1.3.1 a default Envoy Proxy access log configuration is used. This f…

Check whether github.com/envoyproxy/gateway is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/envoyproxy/gateway CVEs against the assets you own.

Start Free Scan →