| Release | Version |
|---|---|
| bullseye | 1.10.0-5 |
| bullseye (security) | 1.10.0-5+deb11u1 |
| bookworm | 1.11.1-2.1+deb12u1 |
| trixie | 1.11.2-1 |
| forky | 1.11.2-1 |
| sid | 1.11.2-1 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2025-63938 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | Tinyproxy through 1.11.2 contains an integer overflow vulnerability in ... |
| Bug | Description |
|---|---|
| CVE-2023-49606 | A use-after-free vulnerability exists in the HTTP Connection Headers p ... |
| CVE-2022-40468 | Potential leak of left-over heap data if custom error page templates c ... |
| CVE-2017-11747 | main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinypro ... |
| CVE-2012-3505 | Tinyproxy 1.8.3 and earlier allows remote attackers to cause a denial ... |
| CVE-2011-1843 | Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remot ... |
| CVE-2011-1499 | acl.c in Tinyproxy before 1.8.3, when an Allow configuration setting s ... |
| CVE-2002-0847 | tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers ... |
| DSA / DLA | Description |
|---|---|
| DLA-3892-1 | tinyproxy - security update |
| DSA-5705-1 | tinyproxy - security update |
| DLA-2163-1 | tinyproxy - security update |
| DSA-2564-1 | tinyproxy - denial of service |
| DSA-2222-1 | tinyproxy - incorrect ACL processing |
| DSA-145 | tinyproxy - doubly freed memory |