ubuntu · CVE-2020-25219

Quick triage

Priority: medium Published: 2020-09-09 21:15:00 UTC Updated: 2025-08-25 23:24:05 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2020-25219 medium priority: Ubuntu including 1 source packages (libproxy), 5 status rows across 5 suites (bionic, focal, trusty, upstream, xenial): released 3, DNE 1, needs-triage 1.

Description:

url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion.

cvelogic Threat Intelligence