VDB

ALPINE-CVE-2021-44540

ALPINE-CVE-2021-44540 PUBLISHED CVSS 7.5 HIGH

A vulnerability was found in Privoxy which was fixed in get_url_spec_param() by freeing memory of compiled pattern spec before bailing.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Alpine:v3.16privoxy3.0.24-r1, 3.0.21-r1, 3.0.32-r0
Alpine:v3.13privoxy3.0.22-r0, 0, 3.0.16-r0
Alpine:v3.21privoxy3.0.16-r0, 3.0.32-r0, 3.0.31-r0
Alpine:v3.14privoxy3.0.24-r1, 3.0.32-r0, 3.0.31-r0
Alpine:v3.17privoxy3.0.32-r0, 3.0.31-r0, 3.0.30-r0
Alpine:v3.19privoxy3.0.32-r0, 0, 3.0.16-r0
Alpine:v3.18privoxy3.0.32-r0, 3.0.31-r0, 3.0.30-r0
Alpine:v3.20privoxy3.0.16-r1, 0, 3.0.16-r0
Alpine:v3.22privoxy3.0.32-r0, 0, 3.0.16-r0
Alpine:v3.23privoxy3.0.32-r0, 3.0.32-r0, 3.0.31-r0
Alpine:v3.15privoxy3.0.32-r0, 3.0.30-r0, 0
Alpine:v3.12privoxy3.0.16-r1, 3.0.17-r1, 3.0.18-r0

Timeline

  • Dec 23, 2021 CVE Published
  • Dec 3, 2025 CVE Updated
  • Apr 30, 2026 Distribution Patch
Open in Interactive Console →
$ Console Community · 100/wk Open console ›