CVE-2019-15717 — Use After Free in Irssi

Severity

9.8CRITICALNVD

EPSS

0.8%

top 26.55%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 29

Latest updateMay 24

Description

Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

▶NVDirssi/irssi1.2.0 — 1.2.2

▶debiandebian/irssi< irssi 1.2.2-1 (bookworm)

▶Debianirssi/irssi< 1.2.2-1+3

Also affects: Ubuntu Linux 19.04

GHSA

GHSA-gx32-945w-w9x4: Irssi 1↗2022-05-24

▶

OSV

CVE-2019-15717: Irssi 1↗2019-08-29

▶

Ubuntu

Irssi vulnerability↗2019-09-03

▶

Red Hat

Irssi: use-after-free if the IRC server sends double CAP↗2019-08-29

▶

Debian

CVE-2019-15717: irssi - Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double C...↗2019

▶

Bugzilla

CVE-2019-15717 irssi: use-after-free if the IRC server sends double CAP [fedora-all]↗2019-08-30

▶

Bugzilla

CVE-2019-15717 Irssi: use-after-free if the IRC server sends double CAP↗2019-08-30

▶