PT-2021-27316 · Privoxy · Privoxy
Published: 2021-01-01 · Updated: 2021-01-01
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions:
Privoxy versions prior to 3.0.29
Description:
The issue concerns memory leaks in Privoxy. Memory leaks occur when a response is buffered and the buffer limit is reached, or when Privoxy is running out of memory. There are also memory leaks in the show-status CGI handler when no action files or filter files are configured. The issue further involves an unlikely NULL-pointer dereference that could result in a crash under certain conditions. Other fixes include improvements to the default action file, better detection of connection details, and the addition of experimental HTTPS inspection support.
Recommendations:
Update to version 3.0.29 or later to resolve the memory leak issues and other problems. As a temporary workaround, consider disabling the client-tags CGI handler and show-status CGI handler until the update is applied. Restrict access to the affected API endpoints to minimize the risk of exploitation. Avoid using the split-large-forms parameter in the CGI editor until the issue is resolved.
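An added example, not part of the original advisory and not Privoxy's own code: a small Python audit that checks a version string and a Privoxy configuration for the conditions named above. The sample version string and config are constructed, the function names and finding codes are hypothetical, and it assumes the standard Privoxy directives `listen-address`, `permit-access`, `enable-edit-actions`, `actionsfile` and `filterfile`.

```python
import re

FIXED = (3, 0, 29)  # first fixed release named in the advisory

def parse_version(text):
    """Return (major, minor, patch) from a string such as '3.0.28', or None."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    return tuple(map(int, m.groups())) if m else None

def parse_config(text):
    """Map each directive name to the list of values given for it."""
    directives = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        directives.setdefault(parts[0].lower(), []).append(
            parts[1].strip() if len(parts) > 1 else "")
    return directives

def is_loopback(addr):
    host = addr.rsplit(":", 1)[0].strip("[]")
    return host in ("localhost", "::1") or host.startswith("127.")

def audit(version_text, config_text):
    """Return a list of finding codes (hypothetical names) for one installation."""
    findings = []
    ver = parse_version(version_text)
    if ver is None:
        findings.append("version-unknown")
    elif ver < FIXED:
        findings.append("version-affected")
    cfg = parse_config(config_text)
    # The advisory ties the show-status leak to missing action or filter files.
    if not cfg.get("actionsfile") or not cfg.get("filterfile"):
        findings.append("missing-action-or-filter-files")
    # enable-edit-actions 1 turns on the web-based actions file editor.
    if "1" in cfg.get("enable-edit-actions", []):
        findings.append("cgi-editor-enabled")
    # Privoxy listens on 127.0.0.1:8118 when no listen-address is given.
    listeners = cfg.get("listen-address", ["127.0.0.1:8118"])
    if not all(is_loopback(a) for a in listeners) and not cfg.get("permit-access"):
        findings.append("cgi-exposed-without-acl")
    return findings

# Constructed sample input, not taken from any real host.
SAMPLE_VERSION = "Privoxy version 3.0.28"
SAMPLE_CONFIG = "listen-address 192.168.0.1:8118\nenable-edit-actions 1\nactionsfile default.action\n"
```

An empty list from `audit()` means none of these conditions were found in the supplied text.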
Affected Products
Privoxy