VDB
GCVE-110-MAGEIA-2025-3
GCVE-110-MAGEIA-2025-3
Advisory Published
Potential leak of left-over heap data if custom error page templates
containing special non-standard variables are used. Tinyproxy commit
84f203f and earlier use uninitialized buffers in process_request()
function.. (CVE-2022-40468)
A use-after-free vulnerability exists in the HTTP Connection Headers
parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted
HTTP header can trigger reuse of previously freed memory, which leads to
memory corruption and could lead to remote code execution. An attacker
needs to make an unauthenticated HTTP request to trigger this
vulnerability. (CVE-2023-49606)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | tinyproxy | 0 (affected), 1.10.0-3.1.mga9 (unaffected), 1.10.0-3.1.mga9 (unaffected), 0 (affected) | — |
| Mageia | nvidia-cuda-toolkit-samples-bins | 0 (affected), 12.4.1-1.mga9.nonfree (unaffected) | — |
| Mageia | cuda-z | 0 (affected), 0.11.291-11.mga9.nonfree (unaffected) | — |
| Mageia | nvidia-cuda-toolkit | 0 (affected), 12.4.1-1.mga9.nonfree (unaffected) | — |
Aliases
References
Browse GCVE Records
72,921 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.