CVE-2020-26154

Опубликовано: 30 сент. 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 6.8

CVSS3: 9.8

Описание

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

Релиз	Статус	Примечание
bionic	released	0.4.15-1ubuntu0.2
devel	not-affected
esm-infra-legacy/trusty	DNE
esm-infra/bionic	released	0.4.15-1ubuntu0.2
esm-infra/focal	released	0.4.15-10ubuntu1.2
esm-infra/xenial	released	0.4.11-5ubuntu1.2
focal	released	0.4.15-10ubuntu1.2
groovy	released	0.4.15-13ubuntu1.1
precise/esm	DNE
trusty	ignored	end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 72%

0.00717

Низкий

6.8 Medium

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2020-26154

CVSS3: 7.5

redhat

больше 5 лет назад

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

CVE-2020-26154

CVSS3: 9.8

nvd

больше 5 лет назад

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

CVE-2020-26154

CVSS3: 9.8

msrc

около 4 лет назад

Описание отсутствует

CVE-2020-26154

CVSS3: 9.8

debian

больше 5 лет назад

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when ...

GHSA-49gc-vgp4-6qhm

CVSS3: 9.8

github

больше 3 лет назад

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

EPSS

Процентиль: 72%

0.00717

Низкий

6.8 Medium

CVSS2

9.8 Critical

CVSS3

CVE-2020-26154

Описание

Пакет libproxy

Ссылки на источники

Связанные уязвимости