Libproxy Project: >> Libproxy >> 0.4.12 Security Vulnerabilities
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
CVSS Score
9.8
EPSS Score
0.009
Published
2020-09-30
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.
CVSS Score
7.5
EPSS Score
0.009
Published
2020-09-09