Aggregates CVE and security vulnerability intelligence across all polipo_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk memory corruption, vendor risk buffer overflow, and vendor risk denial of service and related problems; some flaws may lead to vendor impact memory corruption.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-38614 | Polipo through 1.1.1, when NDEBUG is used, allows a heap-based buffer overflow during parsing of a Range header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | [email protected] | 7.5 | 0.45% | 2021-08-12 | 2024-11-21 |
| CVE-2020-36420 | Polipo through 1.1.1, when NDEBUG is omitted, allows denial of service via a reachable assertion during parsing of a malformed Range header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | [email protected] | 7.5 | 0.71% | 2021-07-15 | 2024-11-21 |
| CVE-2011-3596 | Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request. | [email protected] | 7.5 | 13.88% | 2019-11-26 | 2024-11-21 |