← Back

Libproxy Project

libproxy_project

5 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Libproxy
libproxy
5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-26154
4Debian
FedoraprojectLibproxy Project+1 more
4Debian Linux
FedoraLeap+1 more
Nov 21, 2024
Sep 30, 2020
N/A· v4
9.8 CRITICAL· v3
6.8 MEDIUM· v2
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
CVE-2020-25219
5Canonical
DebianFedoraproject+2 more
5Debian Linux
FedoraLeap+2 more
Nov 21, 2024
Sep 9, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack ex...Show more
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.Show less
CVE-2012-5580
1Libproxy Project
1Libproxy
May 6, 2026
Oct 27, 2014
N/A· v4
N/A· v3
7.5 HIGH· v2
Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strin...Show more
Format string vulnerability in the print_proxies function in bin/proxy.c in libproxy 0.3.1 might allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in a proxy name, as demonstrated using the http_proxy environment variable or a PAC file.Show less
CVE-2012-4505
1Libproxy Project
1Libproxy
Apr 29, 2026
Nov 11, 2012
N/A· v4
N/A· v3
10.0 HIGH· v2
Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a pro...Show more
Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504.Show less
CVE-2012-4504
1Libproxy Project
1Libproxy
Apr 29, 2026
Nov 11, 2012
N/A· v4
N/A· v3
10.0 HIGH· v2
Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file.