{"id":"CVE-2020-35471","details":"Envoy before 1.16.1 mishandles dropped and truncated datagrams, as demonstrated by a segmentation fault for a UDP packet size larger than 1500.","aliases":["BIT-envoy-2020-35471"],"modified":"2026-04-11T09:46:25.177595Z","published":"2020-12-15T01:15:13.870Z","related":["openSUSE-SU-2022:0065-1"],"references":[{"type":"FIX","url":"https://github.com/envoyproxy/envoy/compare/v1.16.0...v1.16.1"},{"type":"FIX","url":"https://github.com/envoyproxy/envoy/pull/14122"},{"type":"EVIDENCE","url":"https://github.com/envoyproxy/envoy/issues/14113"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/envoyproxy/envoy","events":[{"introduced":"0"},{"fixed":"0717f49fef0dac3818cd7cdc52bf18e0ae1f7a2c"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.16.1"}]}}],"versions":["v1.0.0","v1.1.0","v1.10.0","v1.11.0","v1.12.0","v1.13.0","v1.14.0","v1.15.0","v1.16.0","v1.2.0","v1.3.0","v1.4.0","v1.5.0","v1.6.0","v1.7.0","v1.8.0","v1.9.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-35471.json","vanir_signatures":[{"signature_version":"v1","id":"CVE-2020-35471-373da623","signature_type":"Line","deprecated":false,"digest":{"line_hashes":["131204029759339862986326872176907194143","8315711033336415069387641955587933397","180178330427094755049822304876287727863","154652574641508373041638957818451707934"],"threshold":0.9},"target":{"file":"source/server/connection_handler_impl.cc"},"source":"https://github.com/envoyproxy/envoy/commit/0717f49fef0dac3818cd7cdc52bf18e0ae1f7a2c"},{"signature_version":"v1","id":"CVE-2020-35471-4471e0c5","signature_type":"Line","deprecated":false,"digest":{"line_hashes":["304832360493619245575785821857941230522","58072314304350740758434783398840774936","253066578701505843595586025947161622852","143395993664261232895963008373531278921","90535865904670140656649989927407341081","30695165069688148553736720927527606474","273542442853495813808105517980188796478","44454462798017145680154333844542751925","98738407283226628477786289393006431257","112043481163063748425909700695669389018","156095165858063837556317049279107360653","260460737136737242659349249103925760821","324980028845647638019925282319855723158","287840385617234031781812252431680592404","215831503921888146377477691678125399780"],"threshold":0.9},"target":{"file":"test/integration/proxy_proto_integration_test.h"},"source":"https://github.com/envoyproxy/envoy/commit/0717f49fef0dac3818cd7cdc52bf18e0ae1f7a2c"},{"signature_version":"v1","id":"CVE-2020-35471-5bd07ec1","signature_type":"Line","deprecated":false,"digest":{"line_hashes":["317158422460062390569541586553340651141","188545860483965097382454808649672515013","87136608404409369736246237155290488473","29667346942229151296377789069746541136","173345536128078706522041138752856204893","262294055421710382396638433211288245350","317163328929627490087814819905050249142"],"threshold":0.9},"target":{"file":"test/integration/proxy_proto_integration_test.cc"},"source":"https://github.com/envoyproxy/envoy/commit/0717f49fef0dac3818cd7cdc52bf18e0ae1f7a2c"},{"signature_version":"v1","id":"CVE-2020-35471-64c1d30b","signature_type":"Function","deprecated":false,"digest":{"function_hash":"185610297851602743970956302374790945869","length":607},"target":{"function":"ProxyProtoIntegrationTest","file":"test/integration/proxy_proto_integration_test.h"},"source":"https://github.com/envoyproxy/envoy/commit/0717f49fef0dac3818cd7cdc52bf18e0ae1f7a2c"}],"vanir_signatures_modified":"2026-04-11T09:46:25Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}