← voltar
CVE-2020-35470

CVE-2020-35470

EPSS 1.0%
Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy as the network filter (not HTTP filters).
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/envoyproxy/envoy/compare/v1.16.0...v1.16.1https://github.com/envoyproxy/envoy/issues/14087https://github.com/envoyproxy/envoy/pull/14131