Every CVE whose affected-product data names Cncf Envoy, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-8659 — CVSS 7.5 (high): CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1…
CVE-2020-8661 — CVSS 7.5 (high): CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests.
CVE-2020-8664 — CVSS 5.3 (medium): CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted…