VYPR

Privoxy

by Privoxy

CVEs (29)

  • CVE-2021-20273Mar 9, 2021
    risk 0.00cvss epss 0.02

    A flaw was found in privoxy before 3.0.32. A crash can occur via a crafted CGI request if Privoxy is toggled off.

  • CVE-2021-20272Mar 9, 2021
    risk 0.00cvss epss 0.02

    A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash.

  • CVE-2019-3699Jan 24, 2020
    risk 0.00cvss epss 0.00

    UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of privoxy on openSUSE Leap 15.1, Factory allows local attackers to escalate from user privoxy to root. This issue affects: openSUSE Leap 15.1 privoxy version 3.0.28-lp151.1.1 and prior versions. openSUSE…

  • CVE-2015-1031Feb 10, 2015
    risk 0.00cvss epss 0.02

    Multiple use-after-free vulnerabilities in Privoxy before 3.0.22 allow remote attackers to have unspecified impact via vectors related to (1) the unmap function in list.c or (2) "two additional unconfirmed use-after-free complaints made by Coverity scan." NOTE: some of these…

  • CVE-2015-1382Feb 3, 2015
    risk 0.00cvss epss 0.03

    parsers.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (invalid read and crash) via vectors related to an HTTP time header.

  • CVE-2015-1381Feb 3, 2015
    risk 0.00cvss epss 0.03

    Multiple unspecified vulnerabilities in pcrs.c in Privoxy before 3.0.23 allow remote attackers to cause a denial of service (segmentation fault or memory consumption) via unspecified vectors.

  • CVE-2015-1380Feb 3, 2015
    risk 0.00cvss epss 0.03

    jcc.c in Privoxy before 3.0.23 allows remote attackers to cause a denial of service (abort) via a crafted chunk-encoded body.

  • CVE-2015-1201Jan 20, 2015
    risk 0.00cvss epss 0.01

    Privoxy before 3.0.22 allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

  • CVE-2015-1030Jan 20, 2015
    risk 0.00cvss epss 0.02

    Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are rejected because the socket limit is reached.

Page 2 of 2