← back
CVE-2020-35470

CVE-2020-35470

EPSS 1.0%
Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy as the network filter (not HTTP filters).
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/envoyproxy/envoy/compare/v1.16.0...v1.16.1https://github.com/envoyproxy/envoy/issues/14087https://github.com/envoyproxy/envoy/pull/14131