3 matches found
Fedora 43 : tinyproxy (2026-d8daf8790f)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-d8daf8790f advisory. Backport upstream fixes for CVE-2026-3945 and CVE-2026-31842. Tenable has extracted the preceding description block directly from the Fedora securit...
openSUSE 16 Security Update : tinyproxy (openSUSE-SU-2026:20456-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20456-1 advisory. Changes in tinyproxy: - CVE-2026-3945: Fixed denial of service by unauthenticated remote attacker boo1261024 - Update to release 1.11.3 conf: add...
CVE-2026-3945
An integer overflow vulnerability in the HTTP chunked transfer encoding parser in tinyproxy up to and including version 1.11.3 allows an unauthenticated remote attacker to cause a denial of service DoS. The issue occurs because chunk size values are parsed using strtol without properly validating...