172 matches found
CVE-2024-23327 Crash in proxy protocol when command type of LOCAL in Envoy
Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the...
Envoy Security Vulnerabilities
Envoy is an open source distributed proxy server. A security vulnerability exists in Envoy versions prior to 1.29.1, which stems from a downstream connection using the PROXY protocol that can bypass external authentication...
PT-2024-2769
Name of the Vulnerable Software and Affected Versions Envoy versions prior to 1.26.7 Envoy versions prior to 1.27.3 Envoy versions prior to 1.28.1 Envoy versions prior to 1.29.1 Description The issue is related to Envoy crashing in Proxy protocol when using an address type that isn’t supported by...
Exim finally fixes 3 out of 6 vulnerabilities
Exim is a message transfer agent MTA originally developed at the University of Cambridge for use on Unix systems connected to the internet, and is freely available under the terms of the GNU General Public Licence. Even though the name may be new to you, a Shodan search revealed 3.5 million serve...
SUSE CVE-2019-10097
In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted pro...
SUSE CVE-2020-11653
An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss...
SUSE CVE-2020-35470
Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy as the network filter not HTTP filters...
[SECURITY] Fedora 36 Update: golang-github-path-network-mmproxy-2.1-4.fc36
go-mmproxy is a standalone application that unwraps HAProxy's PROXY protocol also adopted by other projects such as NGINX so that the network connection to the end server comes from client's - instead of proxy server's - IP address and port number...
Fedora: Security Advisory for golang-github-path-network-mmproxy (FEDORA-2022-3969b64d4b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: golang-github-path-network-mmproxy-2.1-3.fc35
go-mmproxy is a standalone application that unwraps HAProxy's PROXY protocol also adopted by other projects such as NGINX so that the network connection to the end server comes from client's - instead of proxy server's - IP address and port number...
GO-2022-0233 Resource exhaustion in github.com/pires/go-proxyproto
The PROXY protocol server does not impose a timeout on reading the header from new connections, allowing a malicious client to cause resource exhaustion and a denial of service by opening many connections and sending no data on them. v0.6.0 of the proxyproto package adds support for a user-define...
The vulnerability of the PROXY protocol library in the Golang language, Go-proxyproto, allows a hacker to induce a service failure.
The vulnerability of the PROXY protocol library in the Golang language is related to the absence of a timeout during the waiting for the proxy protocol header. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
VulnCheck KEV: CVE-2019-10097
In Apache HTTP Server 2.4.32-2.4.39, when modremoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer deference. This vulnerability could only be triggered by a trusted...
CVE-2021-23409
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
CVE-2021-23409
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
CVE-2021-23409
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
Design/Logic Flaw
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
UBUNTU-CVE-2021-23409
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
CVE-2021-23409
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...
CVE-2021-23409
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...