Overview: 1 vulnerability

WSA CVE Score Severity Issue Vulnerability type Scope Versions Fix Release date
WSA-2025-3 - 3.9
Integer overflow in conversion of version to an integer number. Integer Overflow or Wraparound Core 0.3.2 → 4.6.2 4.6.3

WSA-2025-3: [Core] Integer overflow in conversion of version to an integer number.

Vulnerability
CVE
Not available
CVSS vector
AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C (detail)
CVSS score
3.9 / 10
Severity
medium
Vulnerability type
Integer Overflow or Wraparound (detail)
Scope
Core
Affected versions
0.3.2 → 4.6.2
Fixed version
4.6.3 () - ChangeLog
Tracker
Not available
Commits
Commit
Description
Integer overflow happens in conversion of a version as string to an integer number, if the version is greater than 0x7FFFFFFF (127.255.255.255), so if the version is at least 0x80000000 (128.0.0.0).
Mitigation
There is no known mitigation.
The upgrade to the latest stable version is highly recommended.

GitHub Mastodon Diaspora X

Copyright © 2003-2025 Sébastien HelleuAbout WeeChat.org — Theme: light (dark)