SCA: security update for github.com/envoyproxy/gateway (GHSA-mf24-chxh-hmvj)

medium Tenable Cloud Security Plugin ID 421052

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based
application gateway. In all Envoy Gateway versions prior to 1.2.7 and 1.3.1 a default Envoy Proxy access
log configuration is used. This format is vulnerable to log injection attacks. If the attacker uses a
specially crafted user-agent which performs json injection, then he could add and overwrite fields to the
access log. This vulnerability is fixed in 1.3.1 and 1.2.7. One can overwrite the old text based default
format with JSON formatter by modifying the "EnvoyProxy.spec.telemetry.accessLog" setting.
(CVE-2025-25294)

See Also

https://github.com/advisories/GHSA-mf24-chxh-hmvj

Plugin Details

Severity: Medium

ID: 421052

Version: Revision 1.14

Type: Local

Family: SCA Checks

Published: 3/7/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 1.2

Percentile: 0.01

Vendor

Vendor Severity: Medium

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS Score Source: CVE-2025-25294

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 3/6/2025

Vulnerability Publication Date: 3/6/2025

Reference Information

CVE: CVE-2025-25294

cwe: CWE-117