CVE-2025-64527 | Envoy up to 1.33.12/1.34.10/1.35.6/1.36.2 onJwksError null pointer dereference (GHSA-mp85-7mrq-r866)

A vulnerability was found in Envoy up to 1.33.12/1.34.10/1.35.6/1.36.2. It has been declared as problematic. This impacts the function onJwksError. The manipulation results in null pointer dereference.

This vulnerability is known as CVE-2025-64527. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More