EUVD-2021-1500

Malware in sbrugna...

GO-2022-0233 Resource exhaustion in github.com/pires/go-proxyproto

The PROXY protocol server does not impose a timeout on reading the header from new connections, allowing a malicious client to cause resource exhaustion and a denial of service by opening many connections and sending no data on them. v0.6.0 of the proxyproto package adds support for a user-define...

The vulnerability of the PROXY protocol library in the Golang language, Go-proxyproto, allows a hacker to induce a service failure.

The vulnerability of the PROXY protocol library in the Golang language is related to the absence of a timeout during the waiting for the proxy protocol header. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

GHSA-XCF7-Q56X-78GH github.com/pires/go-proxyproto vulnerable to DoS via Connection descriptor exhaustion

The package github.com/pires/go-proxyproto before 0.6.1 is vulnerable to Denial of Service DoS via creating connections without the proxy protocol header. While this issue was patched in 0.6.0, the fix introduced additional issues which were subsequently patched in 0.6.1...

github.com/pires/go-proxyproto vulnerable to DoS via Connection descriptor exhaustion

The package github.com/pires/go-proxyproto before 0.6.1 is vulnerable to Denial of Service DoS via creating connections without the proxy protocol header. While this issue was patched in 0.6.0, the fix introduced additional issues which were subsequently patched in 0.6.1...

DEBIAN-CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

Design/Logic Flaw

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

CVE-2021-23409 Denial of Service (DoS)

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

CVE-2021-23409

CVE-2021-23409 affects the Go package github.com/pires/go-proxyproto, specifically versions before 0.6.0. The vulnerability enables Denial of Service by allowing connections without the proxy protocol header to be established, leading to resource exhaustion. Public advisories confirm this issue a...

CVE-2021-23409

The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service DoS via creating connections without the proxy protocol header...

go-proxyproto 处理逻辑错误漏洞

Pires go-proxyproto is Pires an open source application . It provides a secure way to securely transfer connection information functions across multiple layers of NAT or TCP proxies. A processing logic error vulnerability exists in go-proxyproto, which can be exploited to cause a denial of servic...

github.com/pires/go-proxyproto denial of service vulnerability

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

GHSA-FQH4-RH59-XHVF github.com/pires/go-proxyproto denial of service vulnerability

The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in t...

Fedora: Security Advisory for golang-github-pires-proxyproto (FEDORA-2021-f5fcd9b0c1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: golang-github-pires-proxyproto-0.5.0-1.fc34

A Go library implementation of the PROXY protocol, versions 1 and 2...

Fedora: Security Advisory for golang-github-pires-proxyproto (FEDORA-2021-e01c1fe4cc)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 33 : golang-github-pires-proxyproto (2021-e01c1fe4cc)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-e01c1fe4cc advisory. - The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service DoS via the parseVersion1 function. The reader in this...