Synced 16 Jun 2026 15:24 UTC Account

Is Envoy 1.2.0 patched?

Envoy Proxy · cycle 1.2 · end of life · Official site ↗
1.2.00/100End of life

Current stable (1.38.2): 100/100

Minimum safe version1.34.13

1.2.0 has 31 open critical-or-high vulnerabilities. Run 1.34.13 or later to clear them. See what 1.34.13 fixes →

Health score0/100
Open issues62
Exploited now0
Cycle 1.2 EOL2017-05-17
Latest release1.38.2

Summary iPlain-English security status for Envoy 1.2.0, built from its CVEs, active-exploitation data, end-of-life date and latest release.

Envoy 1.2.0 is part of the 1.2 release line. 62 known vulnerabilities affect it. The minimum safe version is 1.34.13 — upgrade to it or later to clear the open critical/high issues. The 1.2 line reached end-of-life on 2017-05-17, so it no longer receives security patches. The latest supported Envoy release is 1.38.2.

Known issues affecting 1.2.0

Exploited first, then by exploitation probability.

CVE-2024-30255 MEDIUM EPSS 88% → fixed in 1.29.3 CVE-2021-29492 HIGH EPSS 68% → fixed in 1.18.3 CVE-2019-15226 HIGH EPSS 65% → see advisory CVE-2019-9900 HIGH EPSS 4% → see advisory CVE-2019-15225 HIGH EPSS 3% → see advisory CVE-2019-9901 MEDIUM EPSS 3% → see advisory CVE-2019-18801 CRITICAL EPSS 3% → see advisory CVE-2019-18802 CRITICAL EPSS 2% → see advisory CVE-2020-35471 HIGH EPSS 2% → fixed in 1.16.1 CVE-2019-18838 HIGH EPSS 2% → see advisory CVE-2020-11767 LOW EPSS 2% → see advisory CVE-2020-12604 HIGH EPSS 2% → see advisory CVE-2021-39204 HIGH EPSS 2% → fixed in 1.18.4 CVE-2021-39162 HIGH EPSS 2% → fixed in 1.18.4 CVE-2020-8663 HIGH EPSS 1% → see advisory CVE-2020-12603 HIGH EPSS 1% → see advisory CVE-2020-12605 HIGH EPSS 1% → see advisory CVE-2022-29225 HIGH EPSS 1% → fixed in 1.22.1 CVE-2021-39206 HIGH EPSS 1% → fixed in 1.18.4 CVE-2020-25017 HIGH EPSS 1% → fixed in 1.15.1

Other Envoy versions

Check another release line of Envoy.

Envoy 1.38.2Envoy 1.37.4Envoy 1.36.8Envoy 1.35.12Envoy 1.34.14Envoy 1.33.14Envoy 1.32.13Envoy 1.31.10Envoy 1.30.11Envoy 1.29.12Envoy 1.28.7Envoy 1.27.7Envoy 1.26.8Envoy 1.25.11Envoy 1.24.12Envoy 1.23.12Envoy 1.22.11Envoy 1.21.6Envoy 1.20.7Envoy 1.19.5Envoy 1.18.6Envoy 1.17.4Envoy 1.16.5Envoy 1.15.5Envoy 1.14.7Envoy 1.13.8Envoy 1.12.7Envoy 1.11.2Envoy 1.10.0Envoy 1.9.1Envoy 1.8.0Envoy 1.7.1Envoy 1.6.0Envoy 1.5.0Envoy 1.4.0Envoy 1.3.0Envoy 1.1.0Envoy 1.0.0

Frequently asked

Is Envoy 1.2.0 patched?

Envoy 1.2.0 is end-of-life and no longer receives security patches. Move to 1.38.2.

What version should I upgrade Envoy 1.2.0 to?

Upgrade Envoy 1.2.0 to at least 1.34.13 to clear its 31 open critical-or-high vulnerabilities.

When does Envoy 1.2 reach end-of-life?

Envoy 1.2 reached end-of-life on 2017-05-17 and no longer receives security patches.

What is the latest version of Envoy?

The latest supported Envoy release is 1.38.2.

Is Envoy 1.2.0 still receiving security updates?

No — Envoy 1.2.0 is on the 1.2 line, which reached end-of-life on 2017-05-17 and no longer receives security updates. Upgrade to 1.38.2 or later to stay supported.

Informational only, from public data (NVD · CISA KEV · EPSS · endoflife.date), and can lag or miss vendor-specific fixes. Always confirm against Envoy Proxy's official advisory before you patch or upgrade — Envoy official site ↗