Home > Vulnerability Database > CVE-2024-46613

Mend.io Vulnerability Database

CVE-2024-46613

Date: November 9, 2024

WeeChat before 4.4.2 has an integer overflow and resultant buffer overflow at core/core-string.c when there are more than two billion items in a list. This affects string_free_split_shared , string_free_split, string_free_split_command, and string_free_split_tags.

Language: C

Severity Score

4.3

Related Resources (5)

Url: https://github.com/weechat/weechat/issues/2178

Url: https://weechat.org/doc/weechat/security/WSA-2024-1/

Url: https://security-tracker.debian.org/tracker/CVE-2024-46613

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-46613

Url: https://www.mend.io/vulnerability-database/CVE-2024-46613

Severity Score

4.3

Weakness Type (CWE)

Integer Overflow or Wraparound

CWE-190

CVSS v3.1

Base Score:	4.3
Attack Vector (AV):	PHYSICAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

CVE-2024-46613

Date: November 9, 2024

Language: C

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?