Jump to:

CVE-2018-9240

Jump to:

CVE-2018-9240

Package ncmpc updated to version 0.31-alt1 for branch sisyphus in task 213491.

Published: 2018-04-04
Modified: 2024-11-21

CVE-2018-9240

ncmpc through 0.29 is prone to a NULL pointer dereference flaw. If a user uses the chat screen and another client sends a long chat message, a crash and denial of service could occur.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

https://bugs.debian.org/894724
https://bugs.debian.org/894724
[debian-lts-announce] 20200425 [SECURITY] [DLA 2186-1] ncmpc security update
[debian-lts-announce] 20200425 [SECURITY] [DLA 2186-1] ncmpc security update
USN-4507-1
USN-4507-1

Version: 2.1.0

Package ncmpc update in sisyphus on 2018-09-21

ALT-PU-2018-2366-1

Closed vulnerabilities

CVE-2018-9240