CVE-2010-2488NULL Pointer Dereference in ZNC

CWE-476NULL Pointer Dereference4 documents4 sources
Severity
7.5HIGHNVD
EPSS
1.3%
top 20.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
ZNCDebian ZNC
Timeline
PublishedNov 12
Latest updateApr 23

Description

NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

NVDznc/znc< 0.092
debiandebian/znc< znc 0.090-2 (bookworm)
Debianznc/znc< 0.090-2+3
CVEListV5znc/zncbefore 0.092

🔴Vulnerability Details

2
GHSA
GHSA-whfw-9qvh-v4jj: NULL pointer dereference vulnerability in ZNC before 02022-04-23
OSV
CVE-2010-2488: NULL pointer dereference vulnerability in ZNC before 02019-11-12

📋Vendor Advisories

1
Debian
CVE-2010-2488: znc - NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic sta...2010
CVE-2010-2488 — NULL Pointer Dereference in ZNC | cvebase