Vulnerabilities (CVE)

Filtered by vendor Pps.jussieu Subscribe
Filtered by product Polipo
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-3305 1 Pps.jussieu 1 Polipo 2024-02-04 5.0 MEDIUM N/A
Polipo 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a Cache-Control header that lacks a value for the max-age field, which triggers a segmentation fault in the httpParseHeaders function in http_parse.c, and possibly other unspecified vectors.
CVE-2009-4413 1 Pps.jussieu 1 Polipo 2024-02-04 5.0 MEDIUM N/A
The httpClientDiscardBody function in client.c in Polipo 0.9.8, 0.9.12, 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a large Content-Length value, which triggers an integer overflow, a signed-to-unsigned conversion error with a negative value, and a segmentation fault.
CVE-2008-7191 1 Pps.jussieu 1 Polipo 2024-02-04 5.0 MEDIUM N/A
Unspecified vulnerability in Polipo before 1.0.4 allows remote attackers to cause a denial of service (crash) via a long request URL.