url.cpp in libproxy up to and including 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libproxy project libproxy |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
opensuse leap 15.1 |
||
opensuse leap 15.2 |