CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44543 – Ubuntu Security Notice USN-5826-1
https://notcve.org/view.php?id=CVE-2021-44543
23 Dec 2021 — An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encode the template name when Privoxy is configured to servce the user-manual itself. Se encontró una vulnerabilidad de tipo XSS en Privoxy que fue corregida en la función cgi_error_no_template(), al codificar el nombre de la plantilla cuando Privoxy está configurado para servir el propio manual de usuario Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An attacker could possibly use this iss... • https://www.privoxy.org/3.0.33/user-manual/whatsnew.html%2C • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44542
https://notcve.org/view.php?id=CVE-2021-44542
23 Dec 2021 — A memory leak vulnerability was found in Privoxy when handling errors. Se encontró una vulnerabilidad de filtrado de memoria en Privoxy cuando se manejan errores • https://www.privoxy.org/3.0.33/user-manual/whatsnew.html%2C • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44540 – Ubuntu Security Notice USN-5826-1
https://notcve.org/view.php?id=CVE-2021-44540
23 Dec 2021 — A vulnerability was found in Privoxy which was fixed in get_url_spec_param() by freeing memory of compiled pattern spec before bailing. Se ha encontrado una vulnerabilidad en Privoxy que ha sido corregida en la función get_url_spec_param(), al liberar la memoria de la especificación del patrón compilado antes de abandonar Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An attacker could possibly use this issue to cause a denial of service. Artem Ivanov discovered that Privoxy in... • https://www.privoxy.org/3.0.33/user-manual/whatsnew.html%2C • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44541
https://notcve.org/view.php?id=CVE-2021-44541
23 Dec 2021 — A vulnerability was found in Privoxy which was fixed in process_encrypted_request_headers() by freeing header memory when failing to get the request destination. Se encontró una vulnerabilidad en Privoxy que fue corregida en la función process_encrypted_request_headers(), al liberar la memoria de los encabezados cuando fallaba la obtención del destino de la petición • https://www.privoxy.org/3.0.33/user-manual/whatsnew.html%2C • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20209 – Gentoo Linux Security Advisory 202107-16
https://notcve.org/view.php?id=CVE-2021-20209
25 May 2021 — A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured. Se encontró una vulnerabilidad de fuga de memoria en Privoxy versiones anteriores a 3.0.29 en el manejador CGI del show-status cuando no se configuraron archivos de acción Multiple vulnerabilities have been found in Privoxy, the worst of which could result in Denial of Service. Versions less than 3.0.32 are affected. • https://bugzilla.redhat.com/show_bug.cgi?id=1928726 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20217 – Gentoo Linux Security Advisory 202107-16
https://notcve.org/view.php?id=CVE-2021-20217
25 Mar 2021 — A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo en Privoxy en versiones anteriores a 3.0.31. Un fallo de aserción es desencadenado por una petición CGI diseñada puede conllevar a una denegación de servicio. • https://bugzilla.redhat.com/show_bug.cgi?id=1923252 • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20210 – Gentoo Linux Security Advisory 202107-16
https://notcve.org/view.php?id=CVE-2021-20210
25 Mar 2021 — A flaw was found in Privoxy in versions before 3.0.29. Memory leak in the show-status CGI handler when no filter files are configured can lead to a system crash. Se encontró un fallo en Privoxy en versiones anteriores a 3.0.29. Una pérdida de memoria en el controlador CGI show-status cuando no son configurados archivos de filtro puede conllevar a un bloqueo del sistema Multiple vulnerabilities have been found in Privoxy, the worst of which could result in Denial of Service. Versions less than 3.0.32 ar... • https://bugzilla.redhat.com/show_bug.cgi?id=1928729 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20212 – Ubuntu Security Notice USN-4886-1
https://notcve.org/view.php?id=CVE-2021-20212
23 Mar 2021 — A flaw was found in Privoxy in versions before 3.0.29. Memory leak if multiple filters are executed and the last one is skipped due to a pcre error leading to a system crash. Se encontró un fallo en Privoxy en versiones anteriores a 3.0.29. Una pérdida de memoria si son ejecutados múltiples filtros y es omitido el último debido a un error pcre conlleva un bloqueo del sistema It was discovered that Privoxy incorrectly handled CGI requests. An attacker could possibly use this issue to cause a denial of s... • https://bugzilla.redhat.com/show_bug.cgi?id=1928736 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-20211 – Ubuntu Security Notice USN-4886-1
https://notcve.org/view.php?id=CVE-2021-20211
23 Mar 2021 — A flaw was found in Privoxy in versions before 3.0.29. Memory leak when client tags are active can cause a system crash. Se encontró un fallo en Privoxy en versiones anteriores a 3.0.29. Una pérdida de memoria cuando las etiquetas de cliente están activas puede causar un bloqueo del sistema It was discovered that Privoxy incorrectly handled CGI requests. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. • https://bugzilla.redhat.com/show_bug.cgi?id=1928733 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-35502 – Ubuntu Security Notice USN-4886-1
https://notcve.org/view.php?id=CVE-2020-35502
23 Mar 2021 — A flaw was found in Privoxy in versions before 3.0.29. Memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory can lead to a system crash. Se encontró un fallo en Privoxy en versiones anteriores a 3.0.29. Unas pérdidas de memoria cuando una respuesta es almacenada en el búfer y es alcanzado el límite del búfer o Privoxy se está quedando sin memoria pueden conllevar a un bloqueo del sistema It was discovered that Privoxy incorrectly handled CGI reques... • https://bugzilla.redhat.com/show_bug.cgi?id=1928749 • CWE-401: Missing Release of Memory after Effective Lifetime •