vulnerability

Ubuntu: USN-5258-1 (CVE-2017-14727): WeeChat vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:N/A:P)	Sep 23, 2017	Mar 22, 2023	Apr 25, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

Sep 23, 2017

Added

Mar 22, 2023

Modified

Apr 25, 2025

Description

Stuart Nevans Locke discovered that WeeChat's relay plugin insecurely handled
malformed websocket frames. A remote attacker in control of a server
could possibly use this issue to cause denial of service in a client.
(CVE-2021-40516)

Stuart Nevans Locke discovered that WeeChat insecurely handled certain
IRC messages. A remote attacker in control of a server could possibly use
this issue to cause denial of service in a client. This issue only affected
Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2020-9760)

Stuart Nevans Locke discovered that WeeChat insecurely handled certain
IRC messages. A remote unauthenticated attacker could possibly use these
issues to cause denial of service in a client. These issues only affected
Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2020-9759, CVE-2020-8955)

Joseph Bisch discovered that WeeChat's logger incorrectly handled certain
memory operations when handling log file names. A remote attacker could possibly
use this issue to cause denial of service in a client. This issue only
affected Ubuntu 16.04 ESM. (CVE-2017-14727)

Solution(s)

ubuntu-pro-upgrade-weechatubuntu-pro-upgrade-weechat-coreubuntu-pro-upgrade-weechat-cursesubuntu-pro-upgrade-weechat-plugins

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today