View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2020-25219 severity important: SUSE including 363 source package names (0.1.0:libproxy1-0.4.15-4.3.1, 0.1.75:libproxy1-0.4.15-4.3.1, …), 561 product×package rows across 139 product lines (Container caasp/v4/389-ds, Container caasp/v4/busybox, … (139 product lines)): Fixed 385, Known Affected 157, Known Not Affected 19.
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.