Weechat: >> Weechat >> 2.7.1 Security Vulnerabilities
WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list. This affects string_free_split_shared , string_free_split, string_free_split_command, and string_free_split_tags.
CVSS Score
9.8
EPSS Score
0.003
Published
2024-11-10
WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin.
CVSS Score
7.5
EPSS Score
0.01
Published
2021-09-05