Vulnerability CVE-2019-15717: Information

Description

Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2019-15717
Published: Aug. 29, 2019
Modified: Nov. 7, 2023
Error type identifier: CWE-416

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
irssisisyphus1.2.2-alt11.2.2-alt1ALT-PU-2020-3468-1263095Fixed
irssip101.2.2-alt11.2.2-alt1ALT-PU-2020-3468-1263095Fixed
irssip91.2.2-alt11.2.2-alt1ALT-PU-2020-3488-1263100Fixed
irssic10f11.2.2-alt11.2.2-alt1ALT-PU-2020-3468-1263095Fixed
irssic9f21.2.2-alt11.2.2-alt1ALT-PU-2024-3802-3342505Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://irssi.org/security/irssi_sa_2019_08.txt
  • Vendor Advisory
[oss-security] 20190829 Irssi 1.2.2:CVE-2019-15717
  • Mailing List
  • Third Party Advisory
[oss-security] 20190829 Re: Irssi 1.2.2:CVE-2019-15717
  • Mailing List
  • Third Party Advisory
USN-4119-1
  • Third Party Advisory
FEDORA-2019-d2257607b8

      1. Configuration 1

        cpe:2.3:a:irssi:irssi:*:*:*:*:*:*:*:*
        Start including
        1.2.0
        End excliding
        1.2.2

        Configuration 2

        cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Version: v24.5.1
    Back to top