Описание
ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| znc | fixed | 1.8.1-1 | package | |
| znc | not-affected | buster | package | |
| znc | not-affected | stretch | package | |
| znc | not-affected | jessie | package |
Примечания
Fixed by: https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8 (znc-1.8.1-rc1)
Introduced with: https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001 (znc-1.8.0)
EPSS
Связанные уязвимости
ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network.
ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network.
ZNC 1.8.0 up to 1.8.1-rc1 allows attackers to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network.
EPSS