CVE-2023-38688

Name of the Vulnerable Software and Affected Versions twitch-tui versions prior to 2.4.1

Description The issue arises from the software's configuration of the IRC connection, which disables TLS, resulting in unencrypted communication to Twitch IRC servers. This allows communication, including auth tokens, to be sniffed.

Recommendations For versions prior to 2.4.1, update to version 2.4.1 to resolve the issue. As a temporary workaround, consider configuring the IRC connection to enable TLS until the update can be applied.