url::recvline in url.cpp in libproxy 0.4.x up to and including 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libproxy project libproxy |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
fedoraproject fedora 31 |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |
||
opensuse leap 15.1 |
||
opensuse leap 15.2 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 20.04 |
||
canonical ubuntu linux 16.04 |