libproxy: uncontrolled recursion via an infinite stream response leading to stack exhaustion

A flaw was found in libproxy in versions 0.4 through 0.4.15. A remote HTTP server can trigger an uncontrolled recursion via a response composed of an infinite stream that lacks a newline character leading to a stack exhaustion. The highest threat from this vulnerability is to system availability...

libproxy: uncontrolled recursion via an infinite stream response leading to stack exhaustion

A flaw was found in libproxy in versions 0.4 through 0.4.15. A remote HTTP server can trigger an uncontrolled recursion via a response composed of an infinite stream that lacks a newline character leading to a stack exhaustion. The highest threat from this vulnerability is to system availability...

CVE-2020-25219

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion...

Moderate severity vulnerability that affects org.apache.commons:commons-compress

When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead to an infinite...