AVG-2616 log
| Package | privoxy |
| Status | Vulnerable |
| Severity | Medium |
| Type | multiple issues |
| Affected | 3.0.32-1 |
| Fixed | Unknown |
| Current | 3.0.34-2 [extra] |
| Ticket | Create |
| Created | Thu Dec 9 13:47:30 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-44543 | Medium | Yes | Cross-site scripting | A security issue has been found in Privoxy before version 3.0.33. cgi_error_no_template() did not encode the template name, which could lead to cross-site... |
| CVE-2021-44542 | Low | Yes | Denial of service | A security issue has been found in Privoxy before version 3.0.33. send_http_request() leaked memory when handling errors. |
| CVE-2021-44541 | Low | Yes | Denial of service | A security issue has been found in Privoxy before version 3.0.33. process_encrypted_request_headers() did not free header memory when failing to get the... |
| CVE-2021-44540 | Low | Yes | Denial of service | A security issue has been found in Privoxy before version 3.0.33. get_url_spec_param() did not free memory of compiled pattern spec before bailing. |