CNNVD-202509-420 Information

CNNVD ID

CNNVD-202509-420

Related CVE

CVE-2025-54588

• CNNVD Published: 2025-09-03

Description (Chinese)

Envoy是Enphase开源的一款用于连接智能家居设备的网关程序。 Envoy 1.34.0至1.34.4版本和1.35.0版本存在资源管理错误漏洞，该漏洞源于DNS缓存中存在释放后重用，可能导致进程异常终止。

Description (English)

Envoy is an enphase open source gateway to connect smart home devices. Envoy 1.34.0 to 1.34.4 and 1.35.0 had a resource management error gap, which stemmed from the release re-use in the DNS cache and could lead to an abnormal termination of the process.

Hazard Level

Medium

Vulnerability Type

资源管理错误

Affected Vendor

Enphase

Published

2025-09-03

Last Modified

2026-02-24

References

https://github.com/envoyproxy/envoy/releases/tag/v1.34.5 https://github.com/envoyproxy/envoy/releases/tag/v1.35.1 https://github.com/envoyproxy/envoy/security/advisories/GHSA-g9vw-6pvx-7gmw

Patch

https://www.envoyproxy.io/