Overview: 1 vulnerability

WSA CVE Score Severity Issue Vulnerability type Scope Versions Fix Release date
WSA-2025-4 - 3.9
Buffer overflow in parsing of date/time. Out-of-bounds write Core 4.2.0 → 4.6.2 4.6.3

WSA-2025-4: [Core] Buffer overflow in parsing of date/time.

Vulnerability
CVE
Not available
CVSS vector
AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C (detail)
CVSS score
3.9 / 10
Severity
medium
Vulnerability type
Out-of-bounds write (detail)
Scope
Core
Affected versions
4.2.0 → 4.6.2
Fixed version
4.6.3 () - ChangeLog
Tracker
Not available
Commits
Commit
Description
Buffer overflow in function util_parse_time when the received date/time has no date and a length of 117 or more chars.
Mitigation
There is no known mitigation.
The upgrade to the latest stable version is highly recommended.

GitHub Mastodon Diaspora X

Copyright © 2003-2025 Sébastien HelleuAbout WeeChat.org — Theme: light (dark)