Lucene search

172 matches found

Cvelist
added 2024/02/09 10:41 p.m., 16 views

CVE-2024-23327 Crash in proxy protocol when command type of LOCAL in Envoy

Envoy is a high-performance edge/middle/service proxy. When PPv2 is enabled both on a listener and subsequent cluster, the Envoy instance will segfault when attempting to craft the upstream PPv2 header. This occurs when the downstream request has a command type of LOCAL and does not have the...

CVSS 7.5, AI score 7.9, EPSS 0.00693
Exploits: 0, References: 2

CNNVD
added 2024/02/09 12:00 a.m., 4 views

Envoy Security Vulnerabilities

Envoy is an open source distributed proxy server. A security vulnerability exists in Envoy versions prior to 1.29.1, which stems from a downstream connection using the PROXY protocol that can bypass external authentication...

CVSS 8.6, AI score 6.8, EPSS 0.006
Exploits: 0, References: 4

Positive Technologies
added 2024/02/09 12:00 a.m., 5 views

PT-2024-2769

Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.26.7; Envoy versions prior to 1.27.3; Envoy versions prior to 1.28.1; Envoy versions prior to 1.29.1. Description: The issue is related to Envoy crashing in Proxy protocol when using an address type that isn’t supported by...

CVSS 7.8, AI score 6.6, EPSS 0.00751
Exploits: 0, References: 12

Malwarebytes
added 2023/10/05 1:00 a.m., 64 views

Exim finally fixes 3 out of 6 vulnerabilities

Exim is a message transfer agent (MTA) originally developed at the University of Cambridge for use on Unix systems connected to the internet, and is freely available under the terms of the GNU General Public Licence. Even though the name may be new to you, a Shodan search revealed 3.5 million serve...

AI score 7.4, EPSS 0.51474
Exploits: 5

SUSE CVE
added 2023/02/15 4:13 a.m., 2 views

SUSE CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer dereference. This vulnerability could only be triggered by a trusted pro...

CVSS 4.9, AI score 8.1, EPSS 0.52873
Exploits: 0, References: 5

SUSE CVE
added 2023/02/15 3:59 a.m., 4 views

SUSE CVE-2020-11653

An issue was discovered in Varnish Cache before 6.0.6 LTS, 6.1.x and 6.2.x before 6.2.3, and 6.3.x before 6.3.2. It occurs when communication with a TLS termination proxy uses PROXY version 2. There can be an assertion failure and daemon restart, which causes a performance loss...

CVSS 7.5, AI score 7.7, EPSS 0.02106
Exploits: 0, References: 5

SUSE CVE
added 2023/02/15 3:51 a.m., 3 views

SUSE CVE-2020-35470

Envoy before 1.16.1 logs an incorrect downstream address because it considers only the directly connected peer, not the information in the proxy protocol header. This affects situations with tcp-proxy as the network filter (not HTTP filters)...

CVSS 8.8, AI score 8.9, EPSS 0.00974
Exploits: 0, References: 3

Fedora
added 2022/07/30 2:00 a.m., 15 views

[SECURITY] Fedora 36 Update: golang-github-path-network-mmproxy-2.1-4.fc36

go-mmproxy is a standalone application that unwraps HAProxy's PROXY protocol (also adopted by other projects such as NGINX) so that the network connection to the end server comes from client's - instead of proxy server's - IP address and port number...

AI score 7.3
Exploits: 0

OpenVAS
added 2022/07/18 12:00 a.m., 22 views

Fedora: Security Advisory for golang-github-path-network-mmproxy (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.3, AI score 9.1, EPSS 0.05335
Exploits: 3, References: 2

Fedora
added 2022/07/17 1:15 a.m., 27 views

[SECURITY] Fedora 35 Update: golang-github-path-network-mmproxy-2.1-3.fc35

go-mmproxy is a standalone application that unwraps HAProxy's PROXY protocol (also adopted by other projects such as NGINX) so that the network connection to the end server comes from client's - instead of proxy server's - IP address and port number...

CVSS 9.3, AI score 8.3, EPSS 0.05994
Exploits: 3

OSV
added 2022/07/01 8:18 p.m., 18 views

GO-2022-0233 Resource exhaustion in github.com/pires/go-proxyproto

The PROXY protocol server does not impose a timeout on reading the header from new connections, allowing a malicious client to cause resource exhaustion and a denial of service by opening many connections and sending no data on them. v0.6.0 of the proxyproto package adds support for a user-define...

CVSS 7.5, AI score 7.3, EPSS 0.01648
Exploits: 0, References: 3

BDU FSTEC
added 2022/04/06 12:00 a.m., 4 views

The vulnerability of the PROXY protocol library in the Golang language, Go-proxyproto, allows a hacker to induce a service failure.

The vulnerability of the PROXY protocol library in the Golang language is related to the absence of a timeout during the waiting for the proxy protocol header. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

CVSS 7.8, AI score 7.2, EPSS 0.01648
Exploits: 0, References: 7, Affected Software: 2

VulnCheck KEV
added 2022/02/22 12:00 a.m., 3 views

VulnCheck KEV: CVE-2019-10097

In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could trigger a stack buffer overflow or NULL pointer dereference. This vulnerability could only be triggered by a trusted...

CVSS 7.2, AI score 6.9, EPSS 0.52873
Exploits: 0, References: 1

NVD
added 2021/07/21 7:15 a.m., 20 views

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 is vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header...

CVSS 7.5, EPSS 0.01648
Exploits: 0, References: 5

OSV
added 2021/07/21 7:15 a.m., 15 views

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 is vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header...

CVSS 7.5, AI score 6.7
Exploits: 0, References: 5

UbuntuCve
added 2021/07/21 7:15 a.m., 19 views

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 is vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header...

CVSS 7.5, AI score 7.1, EPSS 0.01648
Exploits: 0, References: 6

Prion
added 2021/07/21 7:15 a.m., 9 views

Design/Logic Flaw

The package github.com/pires/go-proxyproto before 0.6.0 is vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header...

CVSS 5, AI score 7.4, EPSS 0.01648
Exploits: 0, References: 5, Affected Software: 1

OSV
added 2021/07/21 7:15 a.m., 1 views

UBUNTU-CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 is vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header...

CVSS 7.5, AI score 7.1, EPSS 0.01648
Exploits: 0, References: 7

Debian CVE
added 2021/07/21 6:45 a.m., 12 views

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 is vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header...

CVSS 7.5, AI score 7.4, EPSS 0.01648
Exploits: 0

ATTACKERKB
added 2021/07/21 6:44 a.m., 2 views

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 is vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header...

CVSS 7.5, AI score 5.3, EPSS 0.01648
Exploits: 0, References: 6