x/vulndb: potential Go vuln in github.com/envoyproxy/envoy: CVE-2024-23326

[tatianab]

CVE-2024-23326 references github.com/envoyproxy/envoy, which may be a Go module.

Description: Envoy is a cloud-native, open source edge and service proxy. A theoretical request smuggling vulnerability exists through Envoy if a server can be tricked into adding an upgrade header into a response. Per RFC https://www.rfc-editor.org/rfc/rfc7230#section-6.7 a server sends 101 when switching protocols. Envoy incorrectly accepts a 200 response from a server when requesting a protocol upgrade, but 200 does not indicate protocol switch. This opens up the possibility of request smuggling through Envoy if the server can be tricked into adding the upgrade header to the response.

References:

• NIST: https://nvd.nist.gov/vuln/detail/CVE-2024-23326
• JSON: https://github.com/CVEProject/cvelist/tree/e076e9c24f3ede5a41143e706602e9c41139fd45/2024/23xxx/CVE-2024-23326.json
• advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-23326
• web: https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c
• Imported by: https://pkg.go.dev/github.com/envoyproxy/envoy?tab=importedby

Cross references:

• Module github.com/envoyproxy/envoy appears in issue #330 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #331 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #332 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #333 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #334 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #335 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #336 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #337 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #484 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #485 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #486 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #487 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #488 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #1690 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #1691 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #1692 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #1693 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #1694 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #1695 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #1917 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #1921 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #1966 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #1968 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #1969 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #1970 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #2106 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #2242 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2247 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2248 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2249 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2250 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2260 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2273 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2274 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2275 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2279 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2291 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2292 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2301 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2302 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2307 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2308 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2309 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2310 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2311 LEGACY_FALSE_POSITIVE
• Module github.com/envoyproxy/envoy appears in issue #2542 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #2543 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #2544 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #2545 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #2546 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #2710 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #2713 NOT_GO_CODE
• Module github.com/envoyproxy/envoy appears in issue #2735 NOT_GO_CODE

See doc/triage.md for instructions on how to triage this report.

id: GO-ID-PENDING
modules:
    - module: github.com/envoyproxy/envoy
      vulnerable_at: 1.30.2
      packages:
        - package: envoy
summary: CVE-2024-23326 in github.com/envoyproxy/envoy
cves:
    - CVE-2024-23326
references:
    - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-23326
    - web: https://github.com/envoyproxy/envoy/security/advisories/GHSA-vcf8-7238-v74c
source:
    id: CVE-2024-23326
    created: 2024-06-07T17:17:48.870801-04:00
review_status: UNREVIEWED

[gopherbot]

Change https://go.dev/cl/592765 mentions this issue: data/excluded,data/reports: add 10 reports