ircdkit vulnerable to Denial of Service due to unhandled connection end event · GHSA-f7r3-p866-q9qr · GitHub Advisory Database · GitHub

ircdkit vulnerable to Denial of Service due to unhandled connection end event

Low severity GitHub Reviewed Published Jun 3, 2019 to the GitHub Advisory Database • Updated Jan 11, 2023

Package

ircdkit (npm)

Affected versions

<= 1.0.3

Patched versions

1.0.4

Description

Versions of ircdkit 1.0.3 and prior are vulnerable to a remote denial of service.

Recommendation

Upgrade to version 1.0.4.

References

Reviewed Jun 3, 2019

Published to the GitHub Advisory Database Jun 3, 2019

Last updated Jan 11, 2023

Severity

Low

3.7

/ 10

CVSS base metrics

Attack vector

Network

Attack complexity

High

Privileges required

None

User interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

Low

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L