CVE-2020-26154

Опубликовано: 30 сент. 2020

Источник: debian

Описание

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libproxy	fixed	0.4.15-15		package

Примечания

https://github.com/libproxy/libproxy/pull/126
https://github.com/libproxy/libproxy/commit/4411b523545b22022b4be7d0cac25aa170ae1d3e

Связанные уязвимости

CVE-2020-26154

CVSS3: 9.8

ubuntu

больше 5 лет назад

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

CVE-2020-26154

CVSS3: 7.5

redhat

больше 5 лет назад

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

CVE-2020-26154

CVSS3: 9.8

nvd

больше 5 лет назад

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

CVE-2020-26154

CVSS3: 9.8

msrc

около 4 лет назад

Описание отсутствует

GHSA-49gc-vgp4-6qhm

CVSS3: 9.8

github

больше 3 лет назад

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.