CVE-2024-53269 — Vulnetix

CVE-2024-53269 PUBLISHED

Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting in envoy

EPSS 0.02% · 4.3th percentile

Risk Scores

EPSS Score

0.02%

4.3th percentile

Affected Products

Vendor	Product	Versions
Bitnami	envoy	1.30.0, 1.32.0, 1.31.0
Bitnami	envoy	1.32.0, 1.31.0, 1.30.0

Exploit Intelligence

CIRCL seen: CVE-2024-53269 (circl-sighting)
https://github.com/envoyproxy/envoy/pull/37743/commits/3f62168d86aceb90f743f63b50cc711710b1c401 (circl)
https://github.com/envoyproxy/envoy/security/advisories/GHSA-mfqp-7mmj-rm53 (cve.org)

Timeline

Jan 21, 1970 Fix PR Merged
Jan 21, 1970 Security Advisory
Dec 18, 2024 CVE Published
Dec 18, 2024 PoC Published
Dec 19, 2024 EPSS Score
Jan 4, 2025 EPSS Score
Jan 21, 2025 EPSS Score
Feb 6, 2025 EPSS Score
Feb 23, 2025 EPSS Score
Mar 11, 2025 EPSS Score
Mar 28, 2025 EPSS Score
Apr 6, 2025 Coalition ESS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›