CVE-2024-46613

Name
CVE-2024-46613
Description
WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list. This affects string_free_split_shared , string_free_split, string_free_split_command, and string_free_split_tags.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
https://weechat.org/doc/weechat/security/WSA-2024-1/
https://github.com/weechat/weechat/issues/2178

Match rules

CPE URI Source package Min version Max version
n/a == n/a == n/a
cpe:2.3:a:weechat:weechat:*:*:*:*:*:*:*:* weechat >= 0 < 4.4.2

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
weechat 3.20-community 4.2.2-r1 Julien Voisin <julien.voisin@dustri.org> possibly vulnerable