CVE-2020-8955
published 2020-02-12CVE-2020-8955: irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel mode).
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | weechat | < weechat 2.7.1-1 (bookworm) | weechat 2.7.1-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| opensuse | backports_sle | — | — |
| opensuse | leap | — | — |
| weechat | weechat | >= 0 < 2.7.1-1 | 2.7.1-1 |
| weechat | weechat | >= 0 < 2.7.1-1 | 2.7.1-1 |
| weechat | weechat | >= 0 < 2.7.1-1 | 2.7.1-1 |
| weechat | weechat | >= 0 < 2.7.1-1 | 2.7.1-1 |
| weechat | weechat | >= 0 < 1.4-2ubuntu0.1+esm1 | 1.4-2ubuntu0.1+esm1 |
| weechat | weechat | >= 0 < 1.9.1-1ubuntu1+esm1 | 1.9.1-1ubuntu1+esm1 |
| weechat | weechat | >= 0 < 2.8-1ubuntu0.1~esm1 | 2.8-1ubuntu0.1~esm1 |
| weechat | weechat | 0.3.8 – 2.7 | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL