CVE-2023-29132
MEDIUMirssi 1.3.0-1.4.3 - Use-After-Free in Special Collector Reference
Title source: llmDescription
Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line.
References (2)
Core 2
Core References
Third Party Advisory
https://irssi.org/security/irssi_sa_2023_03.txt
Mailing List, Third Party Advisory
https://www.openwall.com/lists/oss-security/2023/03/30/5
Scores
CVSS v3
5.3
EPSS
0.0081
EPSS Percentile
52.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-416
Status
published
Products (1)
irssi/irssi
1.3.0 - 1.4.4
Published
Apr 14, 2023
Tracked Since
Feb 18, 2026