Your submission was sent successfully! Close

CVE-2017-14727

Published: 23 September 2017

logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
weechat
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(1.9.1-1ubuntu1)
cosmic Not vulnerable
(1.9.1-1ubuntu1)
disco Not vulnerable
(1.9.1-1ubuntu1)
eoan Not vulnerable
(1.9.1-1ubuntu1)
focal Not vulnerable
(1.9.1-1ubuntu1)
groovy Not vulnerable
(1.9.1-1ubuntu1)
hirsute Not vulnerable
(1.9.1-1ubuntu1)
impish Not vulnerable
(1.9.1-1ubuntu1)
jammy Not vulnerable
(1.9.1-1ubuntu1)
precise Does not exist

trusty Does not exist
(trusty was needed)
upstream
Released (1.9.1-1)
xenial Ignored
(end of standard support, was needed)
zesty Ignored
(reached end-of-life)