CVE-2023-29132
https://notcve.org/view.php?id=CVE-2023-29132
Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line. • https://irssi.org/security/irssi_sa_2023_03.txt https://www.openwall.com/lists/oss-security/2023/03/30/5 • CWE-416: Use After Free •
CVE-2020-29602
https://notcve.org/view.php?id=CVE-2020-29602
The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user. System using the irssi docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password. Las imágenes oficiales de docker irssi versiones anteriores a 1.1-alpine (específicas de Alpine), contienen una contraseña en blanco para un usuario root. El sistema que usa el contenedor de docker irssi implementado por las versiones afectadas de la imagen de Docker puede permitir a un atacante remoto conseguir acceso root con una contraseña en blanco • https://github.com/koharin/koharin2/blob/main/CVE-2020-29602 •
CVE-2019-15717
https://notcve.org/view.php?id=CVE-2019-15717
Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP. Irssi versiones 1.2.x anteriores a 1.2.2, presenta un uso de la memoria previamente liberada si el servidor IRC envía un doble CAP. • http://www.openwall.com/lists/oss-security/2019/08/29/3 http://www.openwall.com/lists/oss-security/2019/08/29/5 https://irssi.org/security/irssi_sa_2019_08.txt https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDDRTNKDDO52CO5USJ73BE6XVG7BD4KP https://usn.ubuntu.com/4119-1 • CWE-416: Use After Free •
CVE-2019-13045 – irssi: use after free when sending SASL login to server
https://notcve.org/view.php?id=CVE-2019-13045
Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server. Irssi anterior a versión 1.0.8, versión 1.1.x anterior a 1.1.3 y versión 1.2.x anterior a 1.2.1, cuando SASL está habilitado, presenta un uso de memoria previamente libera cuando se envía el inicio de sesión de SASL hacia el servidor. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00030.html http://packetstormsecurity.com/files/153480/Slackware-Security-Advisory-irssi-Updates.html http://www.openwall.com/lists/oss-security/2019/06/29/1 http://www.securityfocus.com/bid/108998 https://github.com/irssi/irssi/commit/d23b0d22cc611e43c88d99192a59f413f951a955 https://irssi.org/security/irssi_sa_2019_06.txt https://seclists.org/bugtraq/2019/Jun/41& • CWE-416: Use After Free •
CVE-2019-5882
https://notcve.org/view.php?id=CVE-2019-5882
Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. Irssi, en versiones 1.1.x anteriores a la 1.1.2, tiene un uso de memoria previamente liberada cuando las líneas ocultas expiran del búfer "scroll". • https://github.com/irssi/irssi/pull/948 https://irssi.org/NEWS/#v1-1-2 https://irssi.org/security/irssi_sa_2019_01.txt https://usn.ubuntu.com/3862-1 • CWE-416: Use After Free •