Lucene search

Veracode Vulnerability DatabaseVERACODE:28114

HistoryDec 06, 2020 - 3:06 a.m.

Denial Of Service (DoS)

2020-12-0603:06:04

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

denial of service

quassel

coreauthhandler

EPSS

0.027

Percentile

90.4%

JSON

quassel is vulnerable to denial of service. A NULL pointer dereference in the onReadyRead function in core/coreauthhandler.cpp allows remote attackers to crash the application via malicious handshake data.

References

lists.fedoraproject.org/pipermail/package-announce/2016-May/183571.html

lists.fedoraproject.org/pipermail/package-announce/2016-May/183585.html

lists.fedoraproject.org/pipermail/package-announce/2016-May/183746.html

lists.opensuse.org/opensuse-updates/2016-05/msg00063.html

quassel-irc.org/node/129

www.openwall.com/lists/oss-security/2016/04/30/2

www.openwall.com/lists/oss-security/2016/04/30/4

github.com/quassel/quassel/commit/e678873

security-tracker.debian.org/tracker/CVE-2016-4414

EPSS

0.027

Percentile

90.4%

JSON

Related for VERACODE:28114