CVE-2025-63938

Description

Tinyproxy through 1.11.2 contains an integer overflow vulnerability in the strip_return_port() function within src/reqs.c.

PUBLISHED Reserved 2025-10-27 | Published 2025-11-26 | Updated 2025-11-26 | Assigner mitre

References

github.com/tinyproxy/tinyproxy/issues/586

github.com/...ommit/3c0fde94981b025271ffa1788ae425257841bf5a

github.com/.../my-hub/blob/main/CVE-2025-63938/DISCLOSURE.md

cve.org (CVE-2025-63938)

nvd.nist.gov (CVE-2025-63938)

Download JSON