Known Vulnerabilities for products from Irssi
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Irssi".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-29132 json | Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs wh... | 5.3 - MEDIUM | 2023-04-14 | 2023-04-24 |
| CVE-2020-29602 json | The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user. System using t... | 9.8 - CRITICAL | 2020-12-08 | 2020-12-09 |
| CVE-2019-15717 json | Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP. | 9.8 - CRITICAL | 2019-08-29 | 2023-11-07 |
| CVE-2019-13045 json | Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL ... | 8.1 - HIGH | 2019-06-29 | 2019-07-03 |
| CVE-2019-5882 json | Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. | 9.8 - CRITICAL | 2019-01-09 | 2019-02-26 |
| CVE-2018-7054 json | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected... | 9.8 - CRITICAL | 2018-02-15 | 2019-07-04 |
| CVE-2018-7053 json | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are receiv... | 9.8 - CRITICAL | 2018-02-15 | 2019-02-28 |
| CVE-2018-7052 json | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space,... | 7.5 - HIGH | 2018-02-15 | 2019-02-28 |
| CVE-2018-7051 json | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access... | 7.5 - HIGH | 2018-02-15 | 2019-02-28 |
| CVE-2018-7050 json | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick. | 7.5 - HIGH | 2018-02-15 | 2019-02-28 |
| CVE-2018-5208 json | In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain ... | 9.8 - CRITICAL | 2018-01-06 | 2019-03-12 |
| CVE-2018-5207 json | When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string. | 7.5 - HIGH | 2018-01-06 | 2019-03-12 |
| CVE-2018-5206 json | When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. | 9.8 - CRITICAL | 2018-01-06 | 2019-03-12 |
| CVE-2018-5205 json | When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. | 7.5 - HIGH | 2018-01-06 | 2019-03-12 |
| CVE-2017-15723 json | In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message. | 7.5 - HIGH | 2017-10-22 | 2019-03-14 |
| CVE-2017-15722 json | In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end o... | 5.9 - MEDIUM | 2017-10-22 | 2019-03-14 |
| CVE-2017-15721 json | In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a sepa... | 7.5 - HIGH | 2017-10-22 | 2019-03-14 |
| CVE-2017-15228 json | Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of t... | 7.5 - HIGH | 2017-10-22 | 2018-02-04 |
| CVE-2017-15227 json | Irssi before 1.0.5, while waiting for the channel synchronisation, may incorrectly fail to remove destroyed channels from the... | 7.5 - HIGH | 2017-10-22 | 2018-02-04 |
| CVE-2017-10966 json | An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTa... | 9.8 - CRITICAL | 2017-07-07 | 2017-11-05 |
Known software with vulnerabilities from Irssi
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Irssi | Irssi | 0.7.16 |