CVE-2017-15923 — Konversation vulnerability

7 documents5 sources

Severity

7.5HIGHNVD

EPSS

0.8%

top 26.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Konversation Debian Konversation Debian Linux

Timeline

PublishedNov 15

Latest updateMay 13

Description

Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x before 1.7.3 allow remote attackers to cause a denial of service (crash) via vectors related to parsing of IRC color formatting codes.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

▶debiandebian/konversation< konversation 1.7.3-1 (bookworm)

▶NVDkonversation/konversation1.4 — 1.7.3

▶Debiankonversation/konversation< 1.7.3-1+3

Also affects: Debian Linux 7.0, 8.0, 9.0

Patches

Patch: cgit.kde.org ↗Patch: konversation.kde.org ↗Patch: cgit.kde.org ↗

🔴Vulnerability Details

GHSA

GHSA-gmxc-2h86-8gwf: Konversation 1↗2022-05-13

▶

OSV

CVE-2017-15923: Konversation 1↗2017-11-15

▶

📋Vendor Advisories

Debian

CVE-2017-15923: konversation - Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x before 1.7.3 allow remote attackers ...↗2017

▶

💬Community

Bugzilla

CVE-2017-15923 konversation: Denial of service while parsing IRC color formatting codes [fedora-all]↗2017-11-22

▶

Bugzilla

CVE-2017-15923 konversation: Denial of service while parsing IRC color formatting codes [epel-all]↗2017-11-22

▶

Bugzilla

CVE-2017-15923 konversation: Denial of service while parsing IRC color formatting codes↗2017-11-22

▶