Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Privoxy Subscribe
Total 29 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-20275 2 Debian, Privoxy 2 Debian Linux, Privoxy 2022-08-05 5.0 MEDIUM 7.5 HIGH
A flaw was found in privoxy before 3.0.32. A invalid read of size two may occur in chunked_body_is_complete() leading to denial of service.
CVE-2021-20276 2 Debian, Privoxy 2 Debian Linux, Privoxy 2022-08-05 5.0 MEDIUM 7.5 HIGH
A flaw was found in privoxy before 3.0.32. Invalid memory access with an invalid pattern passed to pcre_compile() may lead to denial of service.
CVE-2021-20216 1 Privoxy 1 Privoxy 2022-08-05 7.8 HIGH 7.5 HIGH
A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2021-44540 1 Privoxy 1 Privoxy 2022-01-06 5.0 MEDIUM 7.5 HIGH
A vulnerability was found in Privoxy which was fixed in get_url_spec_param() by freeing memory of compiled pattern spec before bailing.
CVE-2021-44541 1 Privoxy 1 Privoxy 2022-01-03 5.0 MEDIUM 7.5 HIGH
A vulnerability was found in Privoxy which was fixed in process_encrypted_request_headers() by freeing header memory when failing to get the request destination.
CVE-2021-44542 1 Privoxy 1 Privoxy 2021-12-29 5.0 MEDIUM 7.5 HIGH
A memory leak vulnerability was found in Privoxy when handling errors.
CVE-2021-44543 1 Privoxy 1 Privoxy 2021-12-29 2.6 LOW 6.1 MEDIUM
An XSS vulnerability was found in Privoxy which was fixed in cgi_error_no_template() by encode the template name when Privoxy is configured to servce the user-manual itself.
CVE-2021-20212 1 Privoxy 1 Privoxy 2021-12-14 7.8 HIGH 7.5 HIGH
A flaw was found in Privoxy in versions before 3.0.29. Memory leak if multiple filters are executed and the last one is skipped due to a pcre error leading to a system crash.
CVE-2021-20214 1 Privoxy 1 Privoxy 2021-12-14 7.8 HIGH 7.5 HIGH
A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the client-tags CGI handler when client tags are configured and memory allocations fail can lead to a system crash.
CVE-2021-20213 1 Privoxy 1 Privoxy 2021-12-14 4.3 MEDIUM 7.5 HIGH
A flaw was found in Privoxy in versions before 3.0.29. Dereference of a NULL-pointer that could result in a crash if accept-intercepted-requests was enabled, Privoxy failed to get the request destination from the Host header and a memory allocation failed.
CVE-2021-20215 1 Privoxy 1 Privoxy 2021-12-14 7.8 HIGH 7.5 HIGH
A flaw was found in Privoxy in versions before 3.0.29. Memory leaks in the show-status CGI handler when memory allocations fail can lead to a system crash.
CVE-2021-20209 1 Privoxy 1 Privoxy 2021-12-14 5.0 MEDIUM 7.5 HIGH
A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured.
CVE-2021-20217 1 Privoxy 1 Privoxy 2021-12-14 7.8 HIGH 7.5 HIGH
A flaw was found in Privoxy in versions before 3.0.31. An assertion failure triggered by a crafted CGI request may lead to denial of service. The highest threat from this vulnerability is to system availability.
CVE-2021-20274 1 Privoxy 1 Privoxy 2021-12-14 5.0 MEDIUM 7.5 HIGH
A flaw was found in privoxy before 3.0.32. A crash may occur due a NULL-pointer dereference when the socks server misbehaves.
CVE-2021-20211 1 Privoxy 1 Privoxy 2021-12-14 7.8 HIGH 7.5 HIGH
A flaw was found in Privoxy in versions before 3.0.29. Memory leak when client tags are active can cause a system crash.
CVE-2021-20210 1 Privoxy 1 Privoxy 2021-12-10 7.8 HIGH 7.5 HIGH
A flaw was found in Privoxy in versions before 3.0.29. Memory leak in the show-status CGI handler when no filter files are configured can lead to a system crash.
CVE-2020-35502 1 Privoxy 1 Privoxy 2021-12-10 7.8 HIGH 7.5 HIGH
A flaw was found in Privoxy in versions before 3.0.29. Memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory can lead to a system crash.
CVE-2021-20273 2 Debian, Privoxy 2 Debian Linux, Privoxy 2021-12-08 5.0 MEDIUM 7.5 HIGH
A flaw was found in privoxy before 3.0.32. A crash can occur via a crafted CGI request if Privoxy is toggled off.
CVE-2021-20272 2 Debian, Privoxy 2 Debian Linux, Privoxy 2021-12-07 5.0 MEDIUM 7.5 HIGH
A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash.
CVE-2019-3699 2 Opensuse, Privoxy 3 Factory, Leap, Privoxy 2021-09-14 7.2 HIGH 7.8 HIGH
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root. This issue affects: openSUSE Leap 15.1 privoxy version 3.0.28-lp151.1.1 and prior versions. openSUSE Factory privoxy version 3.0.28-2.1 and prior versions.