CVE-2021-20272

Опубликовано: 09 мар. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash.

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=1936651
Issue Tracking
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/03/msg00009.html
Mailing List
Third Party Advisory
https://security.gentoo.org/glsa/202107-16
Third Party Advisory
https://www.privoxy.org/announce.txt
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1936651
Issue Tracking
Patch
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/03/msg00009.html
Mailing List
Third Party Advisory
https://security.gentoo.org/glsa/202107-16
Third Party Advisory
https://www.privoxy.org/announce.txt
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:privoxy:privoxy:*:*:*:*:*:*:*:*

Версия до 3.0.32 (исключая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02553

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-617

Связанные уязвимости

CVE-2021-20272

CVSS3: 7.5

ubuntu

почти 5 лет назад

A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash.

CVE-2021-20272

CVSS3: 7.5

debian

почти 5 лет назад

A flaw was found in privoxy before 3.0.32. An assertion failure could ...

GHSA-f82f-54fm-grwm

github

больше 3 лет назад

A flaw was found in privoxy before 3.0.32. An assertion failure could be triggered with a crafted CGI request leading to server crash.

openSUSE-SU-2021:0443-1

suse-cvrf

почти 5 лет назад

Security update for privoxy

EPSS

Процентиль: 85%

0.02553

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-617