VDB
KO
MEDIUM 6.5

GHSA-cxpq-8v7q-cg56

Envoy Gateway: Wasm HTTP fetch decompresses gzip without output-size limit

Details

Vulnerability report without repro case. Repro case may be added later after harness is complete.

**Preconditions (4):** - Tenant can create EnvoyExtensionPolicy (baseline) - Attacker hosts a gzip-bomb at a reachable URL - sha256 unset (optional field; check is post-decompression anyway) - No operator Wasm-URL allowlist (none exists in code)

**Description**

getFileFromGZ calls io.ReadAll on a raw gzip.Reader (httpfetcher.go:216) with no output bound, while the compressed input is capped at 256 MiB (httpfetcher.go:139). The bytes originate from a tenant-controlled EnvoyExtensionPolicy.spec.wasm[].code.http.url (envoyextensionpolicy.go:1077 → cache.go:248 → httpfetcher.go:147 → :233), so an untrusted tenant can point at a ~10 MiB gzip-of-zeros and force ~10 GiB allocation in the shared controller process. All candidate guards execute either before the body is buffered or after decompression. OOM-kills, restarts, re-reconciles same CR, crash-loops — persistent cross-tenant control-plane outage with PR:L/AC:L and scope change → HIGH despite availability-only.

Are you affected?

Enter the version of the package you're using.

Affected packages

Go / github.com/envoyproxy/gateway
Introduced in: 1.8.0-rc.0 Fixed in: 1.8.1
Fix go get github.com/envoyproxy/gateway@v1.8.1
Go / github.com/envoyproxy/gateway
Introduced in: 0 Fixed in: 1.7.4
Fix go get github.com/envoyproxy/gateway@v1.7.4

References