Vulnerability Database

309,961

Total vulnerabilities in the database

CVE-2024-53271

Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1 non-101 1xx responses. This can lead to downstream failures in networked devices. This issue has been addressed in versions 1.31.5 and 1.32.3. Users are advised to upgrade. There are no known workarounds for this issue.

Published: Dec 18, 2024
Updated: Nov 16, 2025
CVE: CVE-2024-53271
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.1
AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

CWEs:

CWE-670

Affected Software
References

Software	From	Fixed in
envoyproxy / envoy	1.31.0	1.31.5
envoyproxy / envoy	1.32.0	1.32.3.x

https://github.com/envoyproxy/envoy/commit/da56f6da63079baecef9183436ee5f4141a59af8
https://github.com/envoyproxy/envoy/security/advisories/GHSA-rmm5-h2wv-mg4f

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo