Lucene search
K

177 matches found

UbuntuCve
UbuntuCve
added 2021/07/21 7:15 a.m.20 views

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

7.5CVSS7.1AI score0.01648EPSS
Exploits0References6
Prion
Prion
added 2021/07/21 7:15 a.m.9 views

Design/Logic Flaw

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

5CVSS7.4AI score0.01648EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/07/21 7:15 a.m.5 views

UBUNTU-CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

7.5CVSS7.1AI score0.01648EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2021/07/21 6:45 a.m.13 views

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

7.5CVSS7.4AI score0.01648EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2021/07/21 6:44 a.m.2 views

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

7.5CVSS5.3AI score0.01648EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/07/21 12:0 a.m.4 views

go-proxyproto 处理逻辑错误漏洞

Pires go-proxyproto is Pires an open source application . It provides a secure way to securely transfer connection information functions across multiple layers of NAT or TCP proxies. A processing logic error vulnerability exists in go-proxyproto, which can be exploited to cause a denial of servic...

7.5CVSS7.2AI score0.01648EPSS
Exploits0References5
Snyk
Snyk
added 2021/07/12 1:5 p.m.2 views

Denial of Service (DoS)

Overview github.com/pires/go-proxyproto is a Go library implementation of the PROXY protocol, versions 1 and 2. Affected versions of this package are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header. Details Denial of Service DoS describes a family of...

7.5CVSS7AI score0.01648EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/03/20 12:0 a.m.14 views

Fedora: Security Advisory for golang-github-pires-proxyproto (FEDORA-2021-f5fcd9b0c1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

4.9CVSS5.3AI score0.01871EPSS
Exploits0References2
Fedora
Fedora
added 2021/03/19 8:31 p.m.63 views

[SECURITY] Fedora 34 Update: golang-github-pires-proxyproto-0.5.0-1.fc34

A Go library implementation of the PROXY protocol, versions 1 and 2...

4.9CVSS4.3AI score0.01871EPSS
Exploits0
Fedora
Fedora
added 2021/03/17 2:18 a.m.50 views

[SECURITY] Fedora 33 Update: golang-github-pires-proxyproto-0.5.0-1.fc33

A Go library implementation of the PROXY protocol, versions 1 and 2...

4.9CVSS4.3AI score0.01871EPSS
Exploits0
NVD
NVD
added 2021/03/08 5:15 a.m.25 views

CVE-2021-23351

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

4.9CVSS0.01871EPSS
Exploits0References6
OSV
OSV
added 2021/03/08 5:15 a.m.6 views

DEBIAN-CVE-2021-23351

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

4.9CVSS5.3AI score0.01871EPSS
Exploits0References1
OSV
OSV
added 2021/03/08 5:15 a.m.2 views

UBUNTU-CVE-2021-23351

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

4.9CVSS5.8AI score0.01871EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2021/03/08 4:45 a.m.18 views

CVE-2021-23351

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

4.9CVSS5AI score0.01871EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2021/03/08 4:40 a.m.6 views

CVE-2021-23351

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

4.9CVSS5.7AI score0.01871EPSS
Exploits0References9
Snyk
Snyk
added 2021/03/03 2:46 p.m.2 views

Denial of Service (DoS)

Overview github.com/pires/go-proxyproto is a Go library implementation of the PROXY protocol, versions 1 and 2. Affected versions of this package are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It wi...

4.9CVSS6.9AI score0.01871EPSS
Exploits0References2
CNVD
CNVD
added 2020/12/23 12:0 a.m.8 views

Unspecified vulnerability in Envoy (CNVD-2021-07242)

Envoy is an open source distributed proxy server . A security vulnerability exists in versions prior to Envoy 1.16.1 that stems from logging an incorrect downstream address because it only considers directly connected peers and not the information in the proxy protocol header. This affects cases...

8.8CVSS6.4AI score0.00974EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2020/12/16 2:55 p.m.27 views

CVE-2020-35470

Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy as the network filter not HTTP filters...

8.8CVSS1.7AI score0.00974EPSS
Exploits0References4
OSV
OSV
added 2020/12/15 1:15 a.m.14 views

CVE-2020-35470

Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy as the network filter not HTTP filters...

8.8CVSS6.6AI score
Exploits0References3
Prion
Prion
added 2020/12/15 1:15 a.m.16 views

Design/Logic Flaw

Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy as the network filter not HTTP filters...

5.8CVSS8.5AI score0.00974EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder