Vulnerabilities > CVE-2021-23409 - Unspecified vulnerability in Go-Proxyproto Project Go-Proxyproto
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header.
Vulnerable Configurations
References
- https://github.com/pires/go-proxyproto/issues/65
- https://github.com/pires/go-proxyproto/issues/65
- https://github.com/pires/go-proxyproto/pull/74
- https://github.com/pires/go-proxyproto/pull/74
- https://github.com/pires/go-proxyproto/pull/74/commits/cdc63867da24fc609b727231f682670d0d1cd346
- https://github.com/pires/go-proxyproto/pull/74/commits/cdc63867da24fc609b727231f682670d0d1cd346
- https://github.com/pires/go-proxyproto/releases/tag/v0.6.0
- https://github.com/pires/go-proxyproto/releases/tag/v0.6.0
- https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMPIRESGOPROXYPROTO-1316439
- https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMPIRESGOPROXYPROTO-1316439