VYPR

rpm package

opensuse/libproxy&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/libproxy&distro=openSUSE%20Tumbleweed

Vulnerabilities (3)

  • CVE-2020-26154CriSep 30, 2020
    affected < 0.4.17-2.2fixed 0.4.17-2.2

    url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

  • CVE-2020-25219HigSep 9, 2020
    affected < 0.4.17-2.2fixed 0.4.17-2.2

    url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.

  • CVE-2012-4504Nov 11, 2012
    affected < 0.4.13-7.1fixed 0.4.13-7.1

    Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file.