{"id":"CVE-2025-30157","summary":"Envoy crashes when HTTP ext_proc processes local replies","details":"Envoy is a cloud-native high-performance edge/middle/service proxy. Prior to 1.33.1, 1.32.4, 1.31.6, and 1.30.10, Envoy's ext_proc HTTP filter may crash if a local reply is sent to the external server, due to a lifetime issue in the filter. One known trigger is a failed websocket handshake, which produces a local reply and crashes Envoy. This vulnerability is fixed in 1.33.1, 1.32.4, 1.31.6, and 1.30.10.","aliases":["BIT-envoy-2025-30157","GHSA-cf3q-gqg7-3fm9"],"modified":"2026-04-10T05:24:40.875974Z","published":"2025-03-21T14:49:18.113Z","related":["openSUSE-SU-2025:14938-1"],"database_specific":{"cna_assigner":"GitHub_M","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/30xxx/CVE-2025-30157.json","cwe_ids":["CWE-460"]},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/30xxx/CVE-2025-30157.json"},{"type":"ADVISORY","url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-cf3q-gqg7-3fm9"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-30157"},{"type":"FIX","url":"https://github.com/envoyproxy/envoy/commit/8eda1b8ef5ba8663d16a737ab99458c039a9b53c"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/envoyproxy/envoy","events":[{"introduced":"b0f43d67aa25c1b03c97186a200cc187f4c22db3"},{"fixed":"1f244452f6f6b47d31dc16de8b0d868b179d684e"}],"database_specific":{"versions":[{"introduced":"1.33.0"},{"fixed":"1.33.1"}]}},{"type":"GIT","repo":"https://github.com/envoyproxy/envoy","events":[{"introduced":"86dc7ef91ca15fb4957a74bd599397413fc26a24"},{"fixed":"cb67308e01e8f035f2977f153d20d99a54cb1da4"}],"database_specific":{"versions":[{"introduced":"1.32.0"},{"fixed":"1.32.4"}]}},{"type":"GIT","repo":"https://github.com/envoyproxy/envoy","events":[{"introduced":"7b8baff1758f0a584dcc3cb657b5032000bcb3d7"},{"fixed":"8b0d0de9e7d601989121cbb42efc170c342f55c3"}],"database_specific":{"versions":[{"introduced":"1.31.0"},{"fixed":"1.31.6"}]}},{"type":"GIT","repo":"https://github.com/envoyproxy/envoy","events":[{"introduced":"0"},{"fixed":"9adc6873ea3abc2305d164af41ea713bb45152dd"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.30.10"}]}}],"versions":["v1.0.0","v1.1.0","v1.10.0","v1.11.0","v1.12.0","v1.13.0","v1.14.0","v1.15.0","v1.16.0","v1.17.0","v1.18.0","v1.18.1","v1.18.2","v1.19.0","v1.2.0","v1.20.0","v1.21.0","v1.22.0","v1.23.0","v1.24.0","v1.25.0","v1.26.0","v1.27.0","v1.28.0","v1.29.0","v1.3.0","v1.30.0","v1.30.1","v1.30.2","v1.30.3","v1.30.4","v1.30.5","v1.30.6","v1.30.7","v1.30.8","v1.30.9","v1.31.0","v1.31.1","v1.31.2","v1.31.3","v1.31.4","v1.31.5","v1.32.0","v1.32.1","v1.32.2","v1.32.3","v1.33.0","v1.4.0","v1.5.0","v1.6.0","v1.7.0","v1.8.0","v1.9.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-30157.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}