Impact
An Envoy instance that receives an HTTP/3 request that is fully transmitted at the transport layer but carries a nonzero Content-Length can translate it into an HTTP/1 request whose body debt remains unresolved. When the upstream HTTP/1 server replies before consuming the declared body and keeps the connection reusable, the next downstream request generated by Envoy can be interpreted as part of the previous request’s body. The remaining data is then parsed by the upstream server as a new HTTP/1 request, effectively bypassing configured routes or desynchronizing request processing. This allows an attacker to cause the backend to execute an unintended request, potentially gaining unauthorized access or influencing application behavior.
Affected Systems
The vulnerability affects all Envoy (envoyproxy) releases older than 1.35.11, 1.36.7, 1.37.3, and 1.38.1. Any deployment of these versions that handles HTTP/3 traffic and forwards to an HTTP/1 upstream is potentially susceptible.
Risk and Exploitability
With a CVSS score of 7.5, the issue is rated high severity; the EPSS score is not available, and the vulnerability is not listed in CISA KEV. The attack requires sending a specially crafted HTTP/3 request with a nonzero Content-Length header and a headers‑only close. If the upstream server replies before reading the body and reuses the connection, the condition is met. The exploit can lead to unauthorized request execution or route bypass, posing a significant risk to confidentiality, integrity, and availability if the affected services are exposed to untrusted clients.
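The condition described above (an HTTP/3 request that declares a body it never delivers) can be hunted for in access logs; the following is an added example, not code from OpenCVE or the Envoy project. It assumes a JSON access log whose key names (`protocol`, `content_length`, `bytes_received`, `path`, `upstream`) are hypothetical and were mapped from Envoy's `%PROTOCOL%`, `%REQ(CONTENT-LENGTH)%`, `%BYTES_RECEIVED%`, `%REQ(:PATH)%` and `%UPSTREAM_HOST%` operators.

```python
import json

# Constructed sample lines (not real traffic). Key names are assumptions for a
# custom JSON access log format; adjust them to the deployment's own format.
SAMPLE_LOG = """\
{"protocol": "HTTP/3", "content_length": "48", "bytes_received": 0, "path": "/upload", "upstream": "10.0.0.5:8080"}
{"protocol": "HTTP/3", "content_length": "48", "bytes_received": 48, "path": "/upload", "upstream": "10.0.0.5:8080"}
{"protocol": "HTTP/2", "content_length": "12", "bytes_received": 0, "path": "/api", "upstream": "10.0.0.5:8080"}
{"protocol": "HTTP/3", "content_length": "-", "bytes_received": 0, "path": "/", "upstream": "10.0.0.6:8080"}
{"protocol": "HTTP/3", "content_length": "0", "bytes_received": 0, "path": "/ping", "upstream": "10.0.0.6:8080"}
not json at all
"""


def declared_length(value):
    """Return the declared Content-Length as an int, or None if absent/invalid."""
    if value is None:
        return None
    text = str(value).strip()
    return int(text) if text.isascii() and text.isdigit() else None


def find_body_debt(lines):
    """Return (line_no, path, upstream, missing_bytes) for HTTP/3 requests
    whose declared Content-Length exceeds the body bytes actually received."""
    findings = []
    for line_no, line in enumerate(lines, start=1):
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip lines that are not JSON log records
        if not isinstance(entry, dict) or entry.get("protocol") != "HTTP/3":
            continue  # the advisory concerns HTTP/3 downstream requests only
        declared = declared_length(entry.get("content_length"))
        received = entry.get("bytes_received")
        if declared is None or not isinstance(received, int):
            continue  # no declared length, or no usable byte counter
        if declared > received:
            findings.append((line_no, entry.get("path"),
                             entry.get("upstream"), declared - received))
    return findings


if __name__ == "__main__":
    for line_no, path, upstream, missing in find_body_debt(SAMPLE_LOG.splitlines()):
        print(f"line {line_no}: {path} -> {upstream} "
              f"is missing {missing} declared body bytes")
```

Clients that abort an upload midway also produce a declared length larger than the received byte count, so a hit is a triage signal to correlate with the upstream being HTTP/1 and the Envoy version in use, not proof of exploitation.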