envoyproxy in CVE-Agent-Bench — 9 vulnerabilities tested

Overview

Envoy is a layer 7 proxy written in C++ used by Istio for service mesh and AWS App Mesh for container orchestration. The proxy processes HTTP/2, gRPC, and other protocols in real time, requiring careful handling of streaming data and protocol state machines. Envoy sits between clients and backend services, meaning protocol violations can leak data, corrupt streams, or enable injection attacks.

Benchmark coverage

9 vulnerability samples from envoyproxy are included in CVE-Agent-Bench, generating 135 individual evaluations across 15 agent configurations. These samples focus on HTTP/2 frame parsing bugs, header injection vulnerabilities, and connection state handling issues.

Vulnerability classes

envoyproxy samples cover vulnerability patterns in network protocol implementation:

• HTTP/2 frame parsing vulnerabilities where malformed frames trigger memory corruption or assertion failures
• Header injection bugs where insufficient validation allows attackers to inject additional headers or control characters
• Connection state machine violations where out-of-order frames or unexpected state transitions cause incorrect behavior
• Resource exhaustion vulnerabilities where attacker-controlled values trigger excessive memory or CPU consumption
• Stream handling bugs in HTTP/2 multiplexing where frame routing is incorrect
• Flow control bypass vulnerabilities where window size calculations allow exceeding connection limits

Why envoyproxy bugs are interesting for agent evaluation

envoyproxy vulnerabilities test an agent's ability to understand network protocol implementations and state machines. The proxy code requires deep understanding of HTTP/2 specification, connection pooling, and multiplexing. Bugs often involve subtle protocol violations or header validation gaps. Agents must generate fixes that enforce protocol correctness while maintaining performance in high-throughput production environments.

Network proxies are particularly difficult to reason about because bugs can silently corrupt data in transit without local detection, making fixes require careful understanding of the RFC specifications.

Agent performance on envoyproxy

Per-project performance data is not yet published. Aggregate results across all projects are available at the full results page, where you can view individual agent pass rates and costs. The benchmark methodology documents the evaluation process in detail.

Related projects

Projects with similar protocol state machine challenges:

• openvswitch, network packet processing with protocol parsing
• Apache, HTTP request handling with protocol compliance requirements
• libgit2, protocol implementation with binary format parsing

Explore more

• Full benchmark results
• Agent profiles
• Methodology
• Economics analysis, cost per verified patch