Go modules package
github.com/pires/go-proxyproto
pkg:golang/github.com/pires/go-proxyproto
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-23409 | — | < 0.6.1 | 0.6.1 | Jul 21, 2021 | The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header. | ||
| CVE-2021-23351 | — | < 0.5.0 | 0.5.0 | Mar 8, 2021 | The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service (DoS) via the parseVersion1() function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits |
- CVE-2021-23409Jul 21, 2021affected < 0.6.1fixed 0.6.1
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header.
- CVE-2021-23351Mar 8, 2021affected < 0.5.0fixed 0.5.0
The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service (DoS) via the parseVersion1() function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits