High severity7.5NVD Advisory· Published Sep 5, 2021· Updated Jun 17, 2026
CVE-2021-40516
CVE-2021-40516
Description
WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- WeeChat/WeeChatdescription
- osv-coords2 versionspkg:rpm/opensuse/weechat&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/weechat&distro=SUSE%20Package%20Hub%2015%20SP3
< 3.2.1-bp153.2.3.1+ 1 more
- (no CPE)range: < 3.2.1-bp153.2.3.1
- (no CPE)range: < 3.2.1-bp153.2.3.1
Patches
Vulnerability mechanics
References
3- github.com/weechat/weechat/commit/8b1331f98de1714bae15a9ca2e2b393ba49d735bnvdPatchThird Party Advisory
- weechat.org/doc/security/nvdPatchVendor Advisory
- lists.debian.org/debian-lts-announce/2021/09/msg00018.htmlnvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.