CVE-2019-15717

Name of the Vulnerable Software and Affected Versions Irssi versions 1.2.x through 1.2.1 Irssi version 1.2.2 is not affected, so the range is simplified to versions before 1.2.2.

Description The issue is related to a use-after-free error in the Irssi IRC client, which can be exploited by a remote attacker to execute arbitrary code or cause a denial of service. This occurs when the IRC server sends a double CAP.

Recommendations For Irssi versions 1.2.x through 1.2.1, update to version 1.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the IRC server or disabling the CAP functionality until a patch is available.