Advisory ROSA-SA-2026-3149

Software: libproxy 0.4.15 OS: ROSA Virtualization 3.1 unaffected versions = libproxy-0.4.15-5.5.5.rv31 affected versions libproxy-0.4.15-5.5.rv31 CVE-ID: CVE-2020-25219 BDU-ID: 2022-00336 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the url::recvline function of the url.cpp component of the...

libproxy: sending more than 102400 bytes in PAC without a Content-Length present could result in buffer overflow

A vulnerability was found in libproxy, where a buffer overflow can occur if a server serving a PAC file sends more than 102400 bytes without a Content-Length header, this flaw allows an attacker to trigger an overflow of PACHTTPBLOCKSIZE 512 bytes, potentially leading to application crashes or...

PT-2020-6589 · Libproxy +5 · Libproxy +5

Name of the Vulnerable Software and Affected Versions: libproxy versions prior to 0.4.16 Description: The issue is related to a buffer overflow in the url.cpp file of libproxy when PAC is enabled. This can be triggered by a large PAC file delivered without a Content-length header, potentially...