RSS   Vulnerabilities for 'Weechat'   RSS

2021-09-05
 
CVE-2021-40516

CWE-125
 

 
WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin.

 
2020-03-23
 
CVE-2020-9760

CWE-120
 

 
An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a new mode is set for a nick.

 
 
CVE-2020-9759

CWE-476
 

 
An issue was discovered in WeeChat before 2.7.1 (0.4.0 to 2.7 are affected). A malformed message 352 (who) can cause a NULL pointer dereference in the callback function, resulting in a crash.

 
2020-02-12
 
CVE-2020-8955

CWE-120
 

 
irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel mode).

 
2017-04-23
 
CVE-2017-8073

CWE-119
 

 
WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow.

 

 >>> Vendor: Weechat 2 Products
Weechat
Logger


Copyright 2024, cxsecurity.com

 

Back to Top