VDB

GCVE-110-MAGEIA-2021-570

GCVE-110-MAGEIA-2021-570
Advisory Published
Vulnetix · Advisory published December 19, 2021
Updated privoxy packages fix security vulnerabilities: A security issue has been found in Privoxy before version 3.0.33. get_url_spec_param() did not free memory of compiled pattern spec before bailing (CVE-2021-44540). A security issue has been found in Privoxy before version 3.0.33. process_encrypted_request_headers() did not free header memory when failing to get the request destination (CVE-2021-44541). A security issue has been found in Privoxy before version 3.0.33. send_http_request() leaked memory when handling errors (CVE-2021-44542). A security issue has been found in Privoxy before version 3.0.33. cgi_error_no_template() did not encode the template name, which could lead to cross-site scripting when Privoxy is configured to servce the user-manual itself (CVE-2021-44543).

Affected Products

VendorProductVersionsPlatforms
Mageiaprivoxy0 (affected), 3.0.32-1.1.mga8 (unaffected)

Browse GCVE Records

73,053 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›