CVE-2021-23409 - Go-proxyproto Project Go-proxyproto
Critical 7.5
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header.
Affected software
Go-proxyproto Project Go-proxyproto
Reference links
- https://github.com/pires/go-proxyproto/issues/65
- https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMPIRESGOPROXYPROTO-1316439
- https://github.com/pires/go-proxyproto/pull/74/commits/cdc63867da24fc609b727231f682670d0d1cd346
- https://github.com/pires/go-proxyproto/releases/tag/v0.6.0
- https://github.com/pires/go-proxyproto/pull/74