RSS   Vulnerabilities for 'Privoxy'   RSS

2021-12-23
 
CVE-2021-44542

CWE-401
 

 
A memory leak vulnerability was found in Privoxy when handling errors.

 
 
CVE-2021-44543

CWE-79
 

 
An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encode the template name when Privoxy is configured to servce the user-manual itself.

 
2021-05-25
 
CVE-2021-20209

CWE-401
 

 
A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured.

 
2021-03-25
 
CVE-2021-20217

CWE-617
 

 
A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability.

 
 
CVE-2021-20216

CWE-400
 

 
A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of service. The highest threat from this vulnerability is to system availability.

 
 
CVE-2021-20215

CWE-401
 

 
A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the show-status CGI handler when memory allocations fail can lead to a system crash.

 
 
CVE-2021-20214

CWE-401
 

 
A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the client-tags CGI handler when client tags are configured and memory allocations fail can lead to a system crash.

 
 
CVE-2021-20213

CWE-476
 

 
A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed.

 
 
CVE-2021-20212

CWE-401
 

 
A flaw was found in Privoxy in versions before 3.0.29. Memory leak if multiple filters are executed and the last one is skipped due to a pcre error leading to a system crash.

 
 
CVE-2021-20211

CWE-401
 

 
A flaw was found in Privoxy in versions before 3.0.29. Memory leak when client tags are active can cause a system crash.

 


Copyright 2024, cxsecurity.com

 

Back to Top