rpm package
suse/libproxy-plugins&distro=SUSE OpenStack Cloud 8
pkg:rpm/suse/libproxy-plugins&distro=SUSE%20OpenStack%20Cloud%208
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-26154 | Cri | 9.8 | < 0.4.13-18.3.1 | 0.4.13-18.3.1 | Sep 30, 2020 | url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. | |
| CVE-2020-25219 | Hig | 7.5 | < 0.4.13-18.3.1 | 0.4.13-18.3.1 | Sep 9, 2020 | url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion. |
- affected < 0.4.13-18.3.1fixed 0.4.13-18.3.1
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
- affected < 0.4.13-18.3.1fixed 0.4.13-18.3.1
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.