CVE-2020-25219 log

Severity Low
Remote Yes
Type Denial of service
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP PAC server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.
Group Package Affected Fixed Severity Status Ticket
AVG-1227 lib32-libproxy 0.4.15-2 0.4.16-1 Low Fixed
AVG-1226 libproxy, libproxy-mozjs, libproxy-webkit 0.4.15+33+g454a499-2 0.4.16-1 Low Fixed
Date Advisory Group Package Severity Type
05 Dec 2020 ASA-202012-9 AVG-1226 libproxy-webkit Low denial of service
05 Dec 2020 ASA-202012-11 AVG-1226 libproxy-mozjs Low denial of service
05 Dec 2020 ASA-202012-10 AVG-1226 libproxy Low denial of service