CVE-2020-25219 - log back

CVE-2020-25219 edited at 10 Sep 2020 12:57:30
Severity
- Medium
+ Low
CVE-2020-25219 edited at 10 Sep 2020 12:57:14
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP PAC server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.
References
+ https://github.com/libproxy/libproxy/issues/134
+ https://github.com/libproxy/libproxy/pull/136
Notes
CVE-2020-25219 created at 10 Sep 2020 12:56:29