CVE-2019-15717 — Vulnetix

CVE-2019-15717 PUBLISHED CVSS 9.800000190734863 CRITICAL

Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP.

EPSS 1.10% · 78.4th percentile

Risk Scores

CVSS v3.0

9.800000190734863

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

1.10%

78.4th percentile

Affected Products

Vendor	Product	Versions
irssi	irssi	1.2.0
n/a	n/a	n/a
canonical	ubuntu_linux	19.04

Timeline

Aug 29, 2019 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 24, 2021 EPSS Score
Dec 27, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 27, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 1, 2022 EPSS Score
Sep 4, 2022 EPSS Score
Nov 5, 2022 EPSS Score

References

https://irssi.org/security/irssi_sa_2019_08.txt url
[oss-security] 20190829 Irssi 1.2.2:CVE-2019-15717 mailing-list
[oss-security] 20190829 Re: Irssi 1.2.2:CVE-2019-15717 mailing-list
USN-4119-1 vendor-advisory
FEDORA-2019-d2257607b8 vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2019-15717 advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JDDRTNKDDO52CO5USJ73BE6XVG7BD4KP url
https://usn.ubuntu.com/4119-1 url

Open in Interactive Console →

$ Console Community · 100/wk Open console ›