CVE-2025-63938

Опубликовано: 26 нояб. 2025

Источник: debian

EPSS Низкий

Описание

Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the strip_return_port() function within src/reqs.c.

Пакет	Статус	Релиз	Тип
tinyproxy	unfixed		package
tinyproxy	no-dsa	trixie	package
tinyproxy	no-dsa	bookworm	package
tinyproxy	postponed	bullseye	package

https://github.com/tinyproxy/tinyproxy/issues/586
Fixed by: https://github.com/tinyproxy/tinyproxy/commit/3c0fde94981b025271ffa1788ae425257841bf5a

EPSS

Процентиль: 15%

0.00049

Низкий

CVE-2025-63938

CVSS3: 6.5

ubuntu

2 месяца назад

Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the strip_return_port() function within src/reqs.c.

CVE-2025-63938

CVSS3: 6.5

nvd

2 месяца назад

Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the strip_return_port() function within src/reqs.c.

GHSA-w547-jc37-w3cr

CVSS3: 6.5

github

2 месяца назад

Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the strip_return_port() function within src/reqs.c.

EPSS

Процентиль: 15%

0.00049

Низкий