The package github.com/pires/go-proxyproto
before 0.6.1 is vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header. While this issue was patched in 0.6.0, the fix introduced additional issues which were subsequently patched in 0.6.1.
github.com/pires/go-proxyproto
github.com/pires/go-proxyproto/commit/2e44d7a76a851d66890ab341403253afae5caac2
github.com/pires/go-proxyproto/issues/65
github.com/pires/go-proxyproto/issues/75
github.com/pires/go-proxyproto/pull/74
github.com/pires/go-proxyproto/pull/74/commits/cdc63867da24fc609b727231f682670d0d1cd346
github.com/pires/go-proxyproto/pull/76
github.com/pires/go-proxyproto/releases/tag/v0.6.0
github.com/pires/go-proxyproto/releases/tag/v0.6.1
nvd.nist.gov/vuln/detail/CVE-2021-23409
pkg.go.dev/vuln/GO-2022-0233
snyk.io/vuln/SNYK-GOLANG-GITHUBCOMPIRESGOPROXYPROTO-1316439