Vulnerabilities > Irssi > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-08 | CVE-2020-29602 | Unspecified vulnerability in Irssi Docker Image The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user. | 9.8 |
| 2019-08-29 | CVE-2019-15717 | Use After Free vulnerability in multiple products Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP. | 9.8 |
| 2019-01-09 | CVE-2019-5882 | Use After Free vulnerability in multiple products Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. | 9.8 |
| 2018-02-15 | CVE-2018-7054 | Use After Free vulnerability in multiple products An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. | 9.8 |
| 2018-02-15 | CVE-2018-7053 | Use After Free vulnerability in multiple products An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. | 9.8 |
| 2018-01-06 | CVE-2018-5208 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. | 9.8 |
| 2018-01-06 | CVE-2018-5206 | NULL Pointer Dereference vulnerability in multiple products When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. | 9.8 |
| 2017-07-07 | CVE-2017-10966 | Use After Free vulnerability in Irssi An issue was discovered in Irssi before 1.0.4. | 9.8 |
| 2017-07-07 | CVE-2017-10965 | NULL Pointer Dereference vulnerability in Irssi An issue was discovered in Irssi before 1.0.4. | 9.8 |
| 2017-03-27 | CVE-2017-7191 | Use After Free vulnerability in Irssi The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to cause a denial of service (use-after-free) and possibly execute arbitrary code via unspecified vectors. | 9.8 |