
CVE-2021-44543 – Ubuntu Security Notice USN-5826-1
https://notcve.org/view.php?id=CVE-2021-44543
23 Dec 2021 — An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encoding the template name when Privoxy is configured to serve the user-manual itself. Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An attacker could possibly use this iss... • https://www.privoxy.org/3.0.33/user-manual/whatsnew.html%2C • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2021-44542
https://notcve.org/view.php?id=CVE-2021-44542
23 Dec 2021 — A memory leak vulnerability was found in Privoxy when handling errors. • https://www.privoxy.org/3.0.33/user-manual/whatsnew.html%2C • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2021-44540 – Ubuntu Security Notice USN-5826-1
https://notcve.org/view.php?id=CVE-2021-44540
23 Dec 2021 — A vulnerability was found in Privoxy which was fixed in get_url_spec_param() by freeing memory of compiled pattern spec before bailing. Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An attacker could possibly use this issue to cause a denial of service. Artem Ivanov discovered that Privoxy in... • https://www.privoxy.org/3.0.33/user-manual/whatsnew.html%2C • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2021-44541
https://notcve.org/view.php?id=CVE-2021-44541
23 Dec 2021 — A vulnerability was found in Privoxy which was fixed in process_encrypted_request_headers() by freeing header memory when failing to get the request destination. • https://www.privoxy.org/3.0.33/user-manual/whatsnew.html%2C • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2021-20209 – Gentoo Linux Security Advisory 202107-16
https://notcve.org/view.php?id=CVE-2021-20209
25 May 2021 — A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured. Multiple vulnerabilities have been found in Privoxy, the worst of which could result in Denial of Service. Versions less than 3.0.32 are affected. • https://bugzilla.redhat.com/show_bug.cgi?id=1928726 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2021-20217 – Gentoo Linux Security Advisory 202107-16
https://notcve.org/view.php?id=CVE-2021-20217
25 Mar 2021 — A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability. • https://bugzilla.redhat.com/show_bug.cgi?id=1923252 • CWE-617: Reachable Assertion •

CVE-2021-20210 – Gentoo Linux Security Advisory 202107-16
https://notcve.org/view.php?id=CVE-2021-20210
25 Mar 2021 — A flaw was found in Privoxy in versions before 3.0.29. Memory leak in the show-status CGI handler when no filter files are configured can lead to a system crash. Multiple vulnerabilities have been found in Privoxy, the worst of which could result in Denial of Service. Versions less than 3.0.32 ar... • https://bugzilla.redhat.com/show_bug.cgi?id=1928729 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2021-20215 – Ubuntu Security Notice USN-4886-1
https://notcve.org/view.php?id=CVE-2021-20215
23 Mar 2021 — A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the show-status CGI handler when memory allocations fail can lead to a system crash. It was discovered that Privoxy incorrectly handled CGI requests. An attacker could possibly use this issue to cause a denial of service or o... • https://bugzilla.redhat.com/show_bug.cgi?id=1928746 • CWE-401: Missing Release of Memory after Effective Lifetime •

CVE-2021-20213 – Ubuntu Security Notice USN-4886-1
https://notcve.org/view.php?id=CVE-2021-20213
23 Mar 2021 — A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed. • https://bugzilla.redhat.com/show_bug.cgi?id=1928739 • CWE-476: NULL Pointer Dereference •

CVE-2020-35502 – Ubuntu Security Notice USN-4886-1
https://notcve.org/view.php?id=CVE-2020-35502
23 Mar 2021 — A flaw was found in Privoxy in versions before 3.0.29. Memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory can lead to a system crash. It was discovered that Privoxy incorrectly handled CGI reques... • https://bugzilla.redhat.com/show_bug.cgi?id=1928749 • CWE-401: Missing Release of Memory after Effective Lifetime •