http://bugzilla.opensuse.org/show_bug.cgi?id=1172446 Bug ID: 1172446 Summary: VUL-1: CVE-2020-13775: znc: allows attackers to trigger an application crash (NULL pointer dereference) if echo-message is not enabled and there is no network Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.1 Hardware: Other URL: https://smash.suse.de/issue/260498/ OS: Other Status: NEW Severity: Minor Priority: P5 - None Component: Security Assignee: mpluskal@suse.com Reporter: wolfgang.frisch@suse.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- CVE-2020-13775 ZNC before 1.8.1-rc1 allows attackers to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13775 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13775 https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8 -- You are receiving this mail because: You are on the CC list for the bug.