WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin.
References
Link | Resource |
---|---|
https://github.com/weechat/weechat/commit/8b1331f98de1714bae15a9ca2e2b393ba49d735b | Patch Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/09/msg00018.html | Mailing List Third Party Advisory |
https://weechat.org/doc/security/ | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-09-05T17:14:24
Updated: 2021-09-30T13:06:12
Reserved: 2021-09-05T00:00:00
Link: CVE-2021-40516
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-09-05T18:15:07.260
Modified: 2021-10-07T17:55:02.937
Link: CVE-2021-40516
JSON object: View
Redhat Information
No data.
CWE