sshpiper's enabling of proxy protocol without proper feature flagging allows faking source address in github.com/tg123/sshpiper
{ "url": "https://pkg.go.dev/vuln/GO-2024-2853", "review_status": "UNREVIEWED" }