Known Vulnerabilities for products from Irssi
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Irssi".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-29602 | The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user. System using t... | 9.8 - CRITICAL | 2020-12-08 | 2020-12-09 |
| CVE-2019-15717 | Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP. | 9.8 - CRITICAL | 2019-08-29 | 2023-11-07 |
| CVE-2019-13045 | Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL ... | 8.1 - HIGH | 2019-06-29 | 2019-07-03 |
| CVE-2019-5882 | Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. | 9.8 - CRITICAL | 2019-01-09 | 2019-02-26 |
| CVE-2018-7054 | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected... | 9.8 - CRITICAL | 2018-02-15 | 2019-07-04 |
| CVE-2018-7053 | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are receiv... | 9.8 - CRITICAL | 2018-02-15 | 2019-02-28 |
| CVE-2018-7052 | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space,... | 7.5 - HIGH | 2018-02-15 | 2019-02-28 |
| CVE-2018-7051 | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access... | 7.5 - HIGH | 2018-02-15 | 2019-02-28 |
| CVE-2018-7050 | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick. | 7.5 - HIGH | 2018-02-15 | 2019-02-28 |
| CVE-2018-5208 | In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain ... | 9.8 - CRITICAL | 2018-01-06 | 2019-03-12 |
| CVE-2018-5207 | When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string. | 7.5 - HIGH | 2018-01-06 | 2019-03-12 |
| CVE-2018-5206 | When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. | 9.8 - CRITICAL | 2018-01-06 | 2019-03-12 |
| CVE-2018-5205 | When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. | 7.5 - HIGH | 2018-01-06 | 2019-03-12 |
| CVE-2017-15723 | In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message. | 7.5 - HIGH | 2017-10-22 | 2019-03-14 |
| CVE-2017-15722 | In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end o... | 5.9 - MEDIUM | 2017-10-22 | 2019-03-14 |
| CVE-2017-15721 | In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a sepa... | 7.5 - HIGH | 2017-10-22 | 2019-03-14 |
| CVE-2017-15228 | Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of t... | 7.5 - HIGH | 2017-10-22 | 2018-02-04 |
| CVE-2017-15227 | Irssi before 1.0.5, while waiting for the channel synchronisation, may incorrectly fail to remove destroyed channels from the... | 7.5 - HIGH | 2017-10-22 | 2018-02-04 |
| CVE-2017-10966 | An issue was discovered in Irssi before 1.0.4. While updating the internal nick list, Irssi could incorrectly use the GHashTa... | 9.8 - CRITICAL | 2017-07-07 | 2017-11-05 |
| CVE-2017-10965 | An issue was discovered in Irssi before 1.0.4. When receiving messages with invalid time stamps, Irssi would try to dereferen... | 9.8 - CRITICAL | 2017-07-07 | 2017-11-05 |
Known software with vulnerabilities from Irssi
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Irssi | Irssi | 0.7.16 |