GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
Envoy Extension Policy lua scripts injection causes arbitrary command execution
High
CVE-2026-22771
was published
for
github.com/envoyproxy/gateway
(Go)
Jan 13, 2026
Envoy Gateway Log Injection Vulnerability
Moderate
CVE-2025-25294
was published
for
github.com/envoyproxy/gateway
(Go)
Mar 6, 2025
Envoy Admin Interface Exposed through prometheus metrics endpoint
High
CVE-2025-24030
was published
for
github.com/envoyproxy/gateway
(Go)
Jan 23, 2025
ProTip!
Advisories are also available from the
GraphQL API