rpm package
opensuse/quassel&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/quassel&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-4414 | Hig | 7.5 | < 0.12.4-3.3 | 0.12.4-3.3 | Jun 13, 2016 | The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data. | |
| CVE-2015-8547 | Hig | 7.5 | < 0.12.4-3.3 | 0.12.4-3.3 | Jan 8, 2016 | The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query. | |
| CVE-2013-4422 | — | < 0.12.4-3.3 | 0.12.4-3.3 | Oct 23, 2013 | SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message. |
- affected < 0.12.4-3.3fixed 0.12.4-3.3
The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
- affected < 0.12.4-3.3fixed 0.12.4-3.3
The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query.
- CVE-2013-4422Oct 23, 2013affected < 0.12.4-3.3fixed 0.12.4-3.3
SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.