CVE-2025-66220
Severity: HIGH · CVSS 3.1 base score 7.1 · EPSS 5.3%
Published Dec 3, 2025 (6mo ago) · Modified Jun 17, 2026 (1w ago)
Description
Envoy is a high-performance edge/middle/service proxy. In 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier, Envoy’s mTLS certificate matcher for match_typed_subject_alt_names may incorrectly treat certificates containing an embedded null byte (\0) inside an OTHERNAME SAN value as valid matches.
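To make the CWE-170 failure mode behind this description concrete, the following constructed Python example (added here; it is not Envoy's code and does not reproduce Envoy's matcher) models an OTHERNAME SAN matcher that compares with NUL-terminated C-string semantics beside a length-aware one that rejects embedded NUL bytes. The `OtherNameSan` model, function names and sample SAN values are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class OtherNameSan:
    """Assumed simplified model of an OTHERNAME SAN: its type OID plus raw value bytes."""
    oid: str
    value: bytes

def c_str(value: bytes) -> bytes:
    """What a NUL-terminated C-string API sees: only the bytes before the first NUL byte."""
    nul = value.find(b"\x00")
    return value if nul < 0 else value[:nul]

def matches_truncating(san: OtherNameSan, oid: str, expected: bytes) -> bool:
    """Flawed matcher (constructed to show the CWE-170 class, not Envoy's code):
    the comparison silently stops at an embedded NUL."""
    return san.oid == oid and c_str(san.value) == expected

def matches_length_aware(san: OtherNameSan, oid: str, expected: bytes) -> bool:
    """Hardened matcher: an embedded NUL is never a valid match, and every byte is compared."""
    if b"\x00" in san.value:
        return False
    return san.oid == oid and san.value == expected

def cert_accepted(sans, oid: str, expected: bytes, matcher) -> bool:
    """A certificate is accepted if any of its SANs satisfies the configured matcher."""
    return any(matcher(san, oid, expected) for san in sans)

# Constructed sample inputs: a legitimate SAN and one carrying an embedded NUL.
UPN_OID = "1.3.6.1.4.1.311.20.2.3"  # the Microsoft UPN otherName OID
EXPECTED = b"svc@example.internal"
LEGIT = OtherNameSan(UPN_OID, b"svc@example.internal")
EMBEDDED_NUL = OtherNameSan(UPN_OID, b"svc@example.internal\x00trailing")

def demo() -> dict:
    """Evaluate both matchers on both certs so the discrepancy is visible."""
    return {
        "legit_truncating": cert_accepted([LEGIT], UPN_OID, EXPECTED, matches_truncating),
        "legit_length_aware": cert_accepted([LEGIT], UPN_OID, EXPECTED, matches_length_aware),
        "nul_truncating": cert_accepted([EMBEDDED_NUL], UPN_OID, EXPECTED, matches_truncating),
        "nul_length_aware": cert_accepted([EMBEDDED_NUL], UPN_OID, EXPECTED, matches_length_aware),
    }

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The only row on which the two matchers disagree is the SAN with the embedded NUL, which is exactly the check a regression test for this bug class should assert on.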
CVSS Details
Base score: 7.1 (CVSS 3.1)
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Confidentiality: High
- Integrity: Low
- Availability: None
Threat Intelligence
EPSS exploit probability: 5.3%
Exploit & Patch Status
- Public exploit: known
- Patch: none available
Weaknesses (1)
- CWE-170 (Improper Null Termination)
Affected Products (4)
| Vendor | Product | Version | Range |
|---|---|---|---|
| envoyproxy | envoy | * | <1.33.13 |
| envoyproxy | envoy | * | ≥1.34.0 – <1.34.11 |
| envoyproxy | envoy | * | ≥1.35.0 – <1.35.7 |
| envoyproxy | envoy | * | ≥1.36.0 – <1.36.3 |
References (1)
- GitHub security advisory: https://github.com/envoyproxy/envoy/security/advisories/GHSA-rwjg-c3h2-f57p
Remediation
No remediation data recorded yet. Check vendor advisories and the NVD entry for patch availability.