Description
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1, a structural flaw was identified in DefaultCertValidator::verifySubjectAltName where the extracted DNS SAN string is cast to a C-style string using .c_str() before being passed to the Utility::dnsNameMatch() algorithm. If the attacker serves a certificate with a dNSName SAN containing an embedded NUL byte, the helper Utility::generalNameAsString captures the complete string including the NUL. However, once .c_str() is applied, the implicit conversion to absl::string_view inside dnsNameMatch relies on strlen(), which stops at the NUL and prematurely truncates the evaluation context. Envoy evaluates the truncated string against the exact required config_san match and returns true, thereby successfully validating the NUL-containing string for upstream routing. This vulnerability is fixed in 1.35.11, 1.36.7, 1.37.3, and 1.38.1.
Published: 2026-06-26
Score: 4.4 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The default TLS certificate validator in Envoy incorrectly converts a DNS SAN string containing an embedded NUL byte into a C-style string, causing the string to be truncated by strlen() before the matching algorithm evaluates it. As a result, a certificate with a forged dNSName that includes a NUL byte satisfies the required SAN match and is accepted as valid. This flaw enables an attacker to bypass the intended certificate validation and gain unauthorized access or impersonate upstream services. The vulnerability is a forgery of the certificate authentication process rather than a memory corruption or denial of service.
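The truncation described in the Description and Impact paragraphs above, reduced to a stand-alone C++ illustration added here (this is not Envoy's code; exact_match, matches_via_cstr, matches_full_length, san_contains_nul and the sample SAN value are constructed for the example):

```cpp
#include <cstring>
#include <iostream>
#include <string>
#include <string_view>

// Simplified stand-in for an exact-match SAN comparison (hypothetical, not Envoy's dnsNameMatch).
static bool exact_match(std::string_view san, std::string_view expected) {
    return san == expected;
}

// Vulnerable pattern: passing .c_str() builds the string_view with strlen(),
// so everything after the first NUL byte is silently dropped before matching.
bool matches_via_cstr(const std::string& san, std::string_view expected) {
    return exact_match(san.c_str(), expected);
}

// Hardened pattern: pass the std::string itself; the conversion keeps size(),
// so the embedded NUL and the bytes after it take part in the comparison.
bool matches_full_length(const std::string& san, std::string_view expected) {
    return exact_match(san, expected);
}

// Defensive check: a dNSName SAN never legitimately contains a NUL byte,
// so reject such a certificate before any matching is attempted.
bool san_contains_nul(const std::string& san) {
    return san.find('\0') != std::string::npos;
}

// Constructed sample: a length-prefixed DER dNSName value "api.example.com\0.extra"
// (22 bytes), as a decoding helper that preserves the full length would deliver it.
static const std::string kSanWithNul("api.example.com\0.extra", 22);
static const std::string_view kConfigSan = "api.example.com";

int main() {
    std::cout << std::boolalpha
              << "via c_str():   " << matches_via_cstr(kSanWithNul, kConfigSan) << '\n'   // true (bug)
              << "full length:   " << matches_full_length(kSanWithNul, kConfigSan) << '\n' // false
              << "contains NUL:  " << san_contains_nul(kSanWithNul) << '\n';              // true
    return 0;
}
```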

Affected Systems

All Envoy releases prior to 1.35.11, 1.36.7, 1.37.3, and 1.38.1 are affected. Versions 1.35.0‑1.35.10, 1.36.0‑1.36.6, 1.37.0‑1.37.2, and 1.38.0 are vulnerable until the specified patch releases are installed.

Risk and Exploitability

The CVSS score of 4.4 indicates moderate severity, and the EPSS score is not available, so the overall exploitation probability is uncertain. Because the flaw lies in the server‑side certificate validation logic, an attacker would need control over the TLS handshake between Envoy and an upstream service to supply a malicious certificate. The vulnerability is not listed in the KEV catalog, and no public exploits have been reported. If Envoy functions as a gateway to untrusted upstream services, the risk rises, but the lack of publicly demonstrated exploits mitigates immediate concern.

Generated by OpenCVE AI on June 26, 2026 at 20:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Envoy to a patched release (1.35.11, 1.36.7, 1.37.3, or 1.38.1) to eliminate the issue.
  • Verify that all upstream certificates do not contain null bytes and, if possible, enforce strict certificate validation or pinning.
  • Monitor Envoy logs for certificate validation errors or failures that could indicate attempted exploitation, and alert on anomalies.


Advisories

No advisories yet.

History

Fri, 26 Jun 2026 23:15:00 +0000

  • First Time appeared: values added Envoyproxy; Envoyproxy envoy
  • Vendors & Products: values added Envoyproxy; Envoyproxy envoy

Fri, 26 Jun 2026 18:15:00 +0000

  • Description: values added (identical to the Description section at the top of this page)
  • Title: values added "Envoy: Embedded NUL in TLS DNS SAN Truncation in the Default TLS Certificate Validator. (Auth Bypass)"
  • Weaknesses: values added CWE-158
  • References
  • Metrics: values added cvssV3_1 {'score': 4.4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-26T17:27:57.707Z

Reserved: 2026-05-19T22:36:16.883Z

Link: CVE-2026-47778

Vulnrichment

No data.

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-26T23:00:08Z

Weaknesses

  • CWE-158: Improper Neutralization of Null Byte or NUL Character