Overview: 1 vulnerability

| WSA | Score | Severity | Issue | Vulnerability type | Scope | Versions | Fix | Release date |
|---|---|---|---|---|---|---|---|---|
| WSA-2026-8 | 5.5 | | Buffer overflow in dump of Relay data. | Out-of-bounds read | Relay | 4.3.0 → 4.9.1 | 4.9.2 | |

WSA-2026-8: [Relay] Buffer overflow in dump of Relay data.

Vulnerability
CVE: Not available
CVSS vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS score: 5.5 / 10
Severity: medium
Vulnerability type: Out-of-bounds read
Scope: Relay
Affected versions: 4.3.0 → 4.9.1
Fixed version: 4.9.2
Description
When dumping Relay data with /debug dump or /debug dump relay, any HTTP request with path_items defined causes an out-of-bounds read.
Mitigation
Do not use command /debug dump.
Credit
The issue was discovered by aizu-m.