CVE-2021-33586

medium

Description

InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user (able to connect to the server) to access recently deallocated memory, aka the "malformed PONG" issue.

References

https://security.gentoo.org/glsa/202107-22

https://github.com/inspircd/inspircd/commit/4350a11c663b0d75f8119743bffb7736d87abd4d

https://docs.inspircd.org/security/2021-01/

Details

Source: Mitre, NVD

Published: 2021-05-27

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N