Debian Bug report logs -
#1070395
tinyproxy: CVE-2023-40533 CVE-2023-49606
Package:
src:tinyproxy;
Maintainer for src:tinyproxy is Mike Gabriel <sunweaver@debianorg>;
Reported by: Moritz Mühlenhoff <jmm@inutilorg>
Date: Sat, 4 May 2024 18:45:02 UTC
Severity: grave
Tags: security, upstream
Reply or subscribe ...
Cisco Talos reports two memory safety vulnerabilities in tinyproxy, a small HTTP
proxy server, in versions prior to 1112 (not yet released) Quotes from the
two advisories below
First advisory <talosintelligencecom/vulnerability_reports/TALOS-2023-1889>:
CVE-2023-49606
A use-after-free vulnerability exists in the HTTP Conne ...