Vulnerabilities > Quassel IRC > Quassel > 0.12.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-17 | CVE-2021-34825 | Cleartext Transmission of Sensitive Information vulnerability in multiple products Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system. | 7.5 |
| 2018-05-08 | CVE-2018-1000179 | NULL Pointer Dereference vulnerability in multiple products A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service. | 7.5 |
| 2018-05-08 | CVE-2018-1000178 | Out-of-bounds Write vulnerability in multiple products A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely. | 9.8 |