4 matches found
UBUNTU-CVE-2026-54387
Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length and Transfer-Encoding: chunked headers, forwarding both verbatim to the backend while using Content-Length to determine how many request body bytes to consume. Remote attackers can desynchronize the...
Linux Distros Unpatched Vulnerability : CVE-2026-31842
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tinyproxy through 1.11.3 is vulnerable to HTTP request parsing desynchronization due to a case-sensitive comparison of the Transfer-Encoding header in src/reqs....
EUVD-2017-3357
Malware in sbrugna...
[pkc] remote heap overflow in tinyproxy
--- Packet Knights Advisory 002 --- ---pkc002.txt--- http://www.pkcrew.org Author : |CyRaX| [email protected] Application : Tinyproxy version 1.3.2 and 1.3.3 Type : heap buffer overflow --- The Problem --- Function httperr in utils.c : int httperrstruct conns connptr, int err, char msg char outbuf...