GO-2026-4312 — Vulnetix

GO-2026-4312 PUBLISHED CVSS 9.300000190734863 CRITICAL

Envoy Extension Policy lua scripts injection causes arbitrary command execution in github.com/envoyproxy/gateway

Risk Scores

CVSS v4.0

9.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Vendor	Product	Versions
github.com	envoyproxy/gateway	0, 1.6.0-rc.0, 0