Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Irssi
(Irssi)| Repositories |
• https://github.com/irssi/irssi
• https://github.com/ensc/irssi-proxy |
| #Vulnerabilities | 41 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2007-08-18 | CVE-2007-4398 | Multiple CRLF injection vulnerabilities in the (1) now-playing.rb and (2) xmms.pl 1.1 scripts for WeeChat allow user-assisted remote attackers to execute arbitrary IRC commands via CRLF sequences in the name of the song in a .mp3 file. | Irssi | N/A | ||
| 2019-08-29 | CVE-2019-15717 | Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP. | Ubuntu_linux, Irssi | 9.8 | ||
| 2023-04-14 | CVE-2023-29132 | Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line. | Irssi | 5.3 | ||
| 2018-02-15 | CVE-2018-7054 | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191. | Ubuntu_linux, Debian_linux, Irssi | 9.8 | ||
| 2019-06-29 | CVE-2019-13045 | Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server. | Irssi | 8.1 | ||
| 2019-01-09 | CVE-2019-5882 | Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. | Ubuntu_linux, Irssi | 9.8 | ||
| 2018-02-15 | CVE-2018-7053 | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order. | Ubuntu_linux, Debian_linux, Irssi | 9.8 | ||
| 2018-02-15 | CVE-2018-7052 | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space, a crash due to a NULL pointer dereference would occur. | Ubuntu_linux, Debian_linux, Irssi | 7.5 | ||
| 2018-02-15 | CVE-2018-7051 | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings. | Ubuntu_linux, Debian_linux, Irssi | 7.5 | ||
| 2018-02-15 | CVE-2018-7050 | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick. | Ubuntu_linux, Debian_linux, Irssi | 7.5 |