x/vulndb: potential Go vuln in github.com/pires/go-proxyproto: CVE-2021-23409

[GoVulnBot]

In CVE-2021-23409, the reference URL github.com/pires/go-proxyproto (and possibly others) refers to something in Go.

• Commit: pires/go-proxyproto@cdc6386
• PR: Add support for ReadHeaderTimeout pires/go-proxyproto#74

module: github.com/pires/go-proxyproto
package: github.com/pires/go-proxyproto
description: |
  The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header.
cves:
- CVE-2021-23409
links:
  pr: https://github.com/pires/go-proxyproto/pull/74
  commit: https://github.com/pires/go-proxyproto/pull/74/commits/cdc63867da24fc609b727231f682670d0d1cd346
  context:
  - https://github.com/pires/go-proxyproto/issues/65
  - https://github.com/pires/go-proxyproto/releases/tag/v0.6.0
  - https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMPIRESGOPROXYPROTO-1316439

See doc/triage.md for instructions on how to triage this report.

[gopherbot]

Change https://go.dev/cl/415534 mentions this issue: x/vulndb: add reports/GO-2022-0233.yaml for CVE-2021-23409