Denial of service (DoS) vulnerability in Nicotine+ 3.0.3 and later allows a user with a modified Soulseek client to crash Nicotine+ by sending a file download request with a file path containing a null character.
References
Link | Resource |
---|---|
https://github.com/nicotine-plus/nicotine-plus/issues/1777 | Exploit Issue Tracking Patch Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HWYV53KERFH2EC4XI2IVVQFTV75E5XM6/ | |
https://security.gentoo.org/glsa/202210-20 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-03-15T00:00:00
Updated: 2022-10-31T00:00:00
Reserved: 2021-12-27T00:00:00
Link: CVE-2021-45848
JSON object: View
NVD Information
Status : Modified
Published: 2022-03-15T19:15:07.840
Modified: 2023-11-07T03:39:55.753
Link: CVE-2021-45848
JSON object: View
Redhat Information
No data.
CWE