25 matches found
EUVD-2021-1500
Malware in sbrugna...
GO-2022-0233 Resource exhaustion in github.com/pires/go-proxyproto
The PROXY protocol server does not impose a timeout on reading the header from new connections, allowing a malicious client to cause resource exhaustion and a denial of service by opening many connections and sending no data on them. v0.6.0 of the proxyproto package adds support for a user-define...
GHSA-XCF7-Q56X-78GH github.com/pires/go-proxyproto vulnerable to DoS via Connection descriptor exhaustion
The package github.com/pires/go-proxyproto before 0.6.1 is vulnerable to Denial of Service DoS via creating connections without the proxy protocol header. While this issue was patched in 0.6.0, the fix introduced additional issues which were subsequently patched in 0.6.1...
github.com/pires/go-proxyproto vulnerable to DoS via Connection descriptor exhaustion
The package github.com/pires/go-proxyproto before 0.6.1 is vulnerable to Denial of Service DoS via creating connections without the proxy protocol header. While this issue was patched in 0.6.0, the fix introduced additional issues which were subsequently patched in 0.6.1...
DEBIAN-CVE-2021-23409
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
CVE-2021-23409
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
CVE-2021-23409
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
Design/Logic Flaw
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
CVE-2021-23409 Denial of Service (DoS)
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
CVE-2021-23409
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
CVE-2021-23409
CVE-2021-23409 affects the Go package github.com/pires/go-proxyproto, specifically versions before 0.6.0. The vulnerability enables Denial of Service by allowing connections without the proxy protocol header to be established, leading to resource exhaustion. Public advisories confirm this issue a...
CVE-2021-23409
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
go-proxyproto 处理逻辑错误漏洞
Pires go-proxyproto is Pires an open source application . It provides a secure way to securely transfer connection information functions across multiple layers of NAT or TCP proxies. A processing logic error vulnerability exists in go-proxyproto, which can be exploited to cause a denial of servic...
github.com/pires/go-proxyproto denial of service vulnerability
The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...
GHSA-FQH4-RH59-XHVF github.com/pires/go-proxyproto denial of service vulnerability
The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...
Denial Of Service(DoS)
github.com/pires/go-proxyproto is vulnerable to denial of service DoS. The vulnerability exists as the function parseVersion1 does not restrict parsing of data until it founds a newline or target stops acknowledging, allowing an attacker to send malicious proxy protocol V1 header to cause a memor...
CVE-2021-23351
The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...
CVE-2021-23351
The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...
CVE-2021-23351
The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...
Design/Logic Flaw
The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...