← volver
CVE-2020-35470

CVE-2020-35470

EPSS 1.0%
Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy as the network filter (not HTTP filters).
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/envoyproxy/envoy/compare/v1.16.0...v1.16.1https://github.com/envoyproxy/envoy/issues/14087https://github.com/envoyproxy/envoy/pull/14131