VYPR

rpm package

suse/libproxy&distro=SUSE OpenStack Cloud 9

pkg:rpm/suse/libproxy&distro=SUSE%20OpenStack%20Cloud%209

Vulnerabilities (2)

  • CVE-2020-26154CriSep 30, 2020
    affected < 0.4.13-18.3.1fixed 0.4.13-18.3.1

    url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

  • CVE-2020-25219HigSep 9, 2020
    affected < 0.4.13-18.3.1fixed 0.4.13-18.3.1

    url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.