GHSA-XCF7-Q56X-78GH github.com/pires/go-proxyproto vulnerable to DoS via Connection descriptor exhaustion

The package github.com/pires/go-proxyproto before 0.6.1 is vulnerable to Denial of Service DoS via creating connections without the proxy protocol header. While this issue was patched in 0.6.0, the fix introduced additional issues which were subsequently patched in 0.6.1...

github.com/pires/go-proxyproto vulnerable to DoS via Connection descriptor exhaustion

The package github.com/pires/go-proxyproto before 0.6.1 is vulnerable to Denial of Service DoS via creating connections without the proxy protocol header. While this issue was patched in 0.6.0, the fix introduced additional issues which were subsequently patched in 0.6.1...

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

CVE-2021-23409 Denial of Service (DoS)

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

github.com/pires/go-proxyproto denial of service vulnerability

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

GHSA-FQH4-RH59-XHVF github.com/pires/go-proxyproto denial of service vulnerability

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

Denial Of Service(DoS)

github.com/pires/go-proxyproto is vulnerable to denial of service DoS. The vulnerability exists as the function parseVersion1 does not restrict parsing of data until it founds a newline or target stops acknowledging, allowing an attacker to send malicious proxy protocol V1 header to cause a memor...

CVE-2021-23351

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

CVE-2021-23351

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

CVE-2021-23351

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

Design/Logic Flaw

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

CVE-2021-23351 Denial of Service (DoS)

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

CVE-2021-23351

CVE-2021-23351 affects github.com/pires/go-proxyproto prior to 0.5.0. The DoS arises from parseVersion1() where a default bufio.Reader over a net.Conn reads until a newline with no input size limit, allowing a deliberately malformed V1 header to exhaust memory on a server processing proxy protoco...