Please DO NOT file a GitHub issue for security related problems, but send an email to security@weechat.org instead.
This table contains a list of all known and fixed security vulnerabilities in WeeChat stable releases (the security vulnerabilities introduced during development of a version and fixed before a stable release are not mentioned).
Note: you can be warned about security vulnerabilities by subscribing to this mailing list:
weechat-security
Severity | CVE | Tracker | Affected versions | Fixed in version | Release date | Git | Description / Workaround |
---|---|---|---|---|---|---|---|
low |
CVE-2020-9760 | - | 0.3.4 → 2.7 | 2.7.1 | ![]() |
Buffer overflow when a new IRC message 005 is received with longer nick prefixes.
![]() |
|
low |
CVE-2020-9759 | - | 0.4.0 → 2.7 | 2.7.1 | ![]() |
Crash when receiving a malformed IRC message 352 (WHO).
![]() |
|
low |
CVE-2020-8955 | - | 0.3.8 → 2.7 | 2.7.1 | ![]() |
Buffer overflow when receiving a malformed IRC message 324 (channel mode).
![]() |
|
high |
CVE-2017-14727 | - | 0.3.2 → 1.9 | 1.9.1 | ![]() |
Date/time conversion specifiers are expanded after replacing buffer local variables in name of log files. In some cases, this can lead to an error in function strftime and a crash caused by the use of an uninitialized buffer.
![]() Unload the logger plugin: /plugin unload logger |
|
high |
CVE-2017-8073 | - | 0.3.3 → 1.7 | 1.7.1 | ![]() |
Buffer overflow when removing quotes in DCC filename.
![]() Create a trigger (with WeeChat >= 1.1): /trigger add irc_dcc_quotes modifier "irc_in_privmsg" "${arguments} =~ ^[^ ]+ :${\x01}DCC SEND ${\x22} " "/.*//" |
|
medium |
- | - | 0.3.8 → 0.4.0 | 0.4.1 | ![]() |
Uncontrolled format string when IRC commands are redirected by relay plugin. If the output or redirected command contains formatting chars like "%", this can lead to a crash of WeeChat.
![]() Do not use irc protocol in relay plugin. |
|
low |
- | - | 0.3.0 → 0.4.0 | 0.4.1 | ![]() |
Uncontrolled format string when sending unknown IRC command to server (if option "irc.network.send_unknown_commands" is on).
![]() Turn off option "irc.network.send_unknown_commands" or do not use formatting chars like "%" when sending unknown commands to server. |
|
low |
- | - | 0.3.6 → 0.4.0 | 0.4.1 | ![]() |
Uncontrolled format string when sending IRC "ison" command for nicks monitored with command /notify.
![]() Do not use command /notify with nicks containing formatting chars like "%". |
|
critical |
CVE-2012-5534 | bug #37764 | 0.3.0 → 0.3.9.1 | 0.3.9.2 | ![]() |
Untrusted command for function hook_process could lead to execution of commands, because of shell expansions (so the problem is only caused by some scripts, not by WeeChat itself).
![]() Remove/unload all scripts calling function hook_process (for maximum safety). |
|
high |
CVE-2012-5854 | bug #37704 | 0.3.6 → 0.3.9 | 0.3.9.1 | ![]() |
Buffer overflow when decoding IRC colors in strings.
![]() /set irc.network.colors_receive off |
|
medium |
CVE-2011-1428 | patch #7459 | 0.1.3 → 0.3.4 | 0.3.5 | ![]() |
Missing verifications in SSL certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate.
![]() |
|
high |
CVE-2009-0661 | bug #25862 | 0.2.6 | 0.2.6.1 | ![]() |
Crash when receiving special chars in IRC messages.
![]() |
|
low |
- | - | 0.0.5 → 0.1.6 | 0.1.7 | ![]() ![]() |
Uncontrolled format string in API function infobar_printf.
![]() |
|
low |
- | - | 0.0.1 → 0.0.4 | 0.0.5 | ![]() |
Buffer overflows in build of strings.
![]() |
Security vulnerabilities are classified using 4 severity levels: