Astra Linux - уязвимость в libproxy

In libproxy, the url.cpp module in version 0.4.15 is vulnerable to a buffer overflow when PAC is enabled. This vulnerability was confirmed by using a large PAC file that was sent without a Content-length header...

Advisory ROSA-SA-2026-3189

Software: libproxy 0.4.15 OS: ROSA Virtualization 2.1 unaffected versions = libproxy-0.4.15-5.5.5.rv3 affected versions libproxy-0.4.15-5.5.rv3 CVE-ID: CVE-2020-25219 BDU-ID: 2022-00336 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the url::recvline function of the url.cpp component of the Libprox...

SUSE CVE-2020-26154

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header...

EulerOS 2.0 SP3 : libproxy (EulerOS-SA-2021-1087)

According to the versions of the libproxy packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered...

Updated libproxy packages fix a security vulnerability

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. CVE-2020-26154...

EulerOS 2.0 SP8 : libproxy (EulerOS-SA-2020-2304)

According to the versions of the libproxy packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered...

CVE-2020-26154

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header...

Buffer overflow

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header...

UBUNTU-CVE-2020-26154

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header...

CVE-2020-26154

CVE-2020-26154 affects libproxy, with a buffer overflow in url.cpp when PAC is enabled and a large PAC file is delivered without a Content-Length header. Public advisories/records indicate impact could lead to crash or arbitrary code execution. Remediation: upgrade to a fixed libproxy version (e....

CVE-2020-26154

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header...

DEBIAN-CVE-2020-25219

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion...

CVE-2020-25219

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion...

CVE-2020-25219

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion...

CVE-2020-25219

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion...

CVE-2020-25219

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion...

CVE-2020-25219

The CVE-2020-25219 issue affects libproxy in the 0.4.x line (up to 0.4.15). A remote HTTP PAC server can trigger uncontrolled recursion by sending a response that is an infinite stream without a newline, causing stack exhaustion. Public advisories confirm vulnerable packages include libproxy and ...

Stack overflow

Stack-based buffer overflow in the url::getpac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file...