CVE-2021-44540

Name

CVE-2021-44540

Description

A vulnerability was found in Privoxy which was fixed in get_url_spec_param() by freeing memory of compiled pattern spec before bailing.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

Exploits

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
MISC	https://www.privoxy.org/3.0.33/user-manual/whatsnew.html,
MISC	https://www.privoxy.org/gitweb/?p=privoxy.git;a=commit;h=652b4b7cb0

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:privoxy:privoxy::::::::`	privoxy	>= None	< 3.0.33

Source package	Branch	Version	Maintainer	Status
privoxy	3.15-main	3.0.33-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
privoxy	3.14-main	3.0.33-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
privoxy	3.13-main	3.0.33-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
privoxy	3.12-main	3.0.33-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
privoxy	3.16-main	3.0.33-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
privoxy	3.17-main	3.0.33-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed