{"id":"CVE-2019-9917","details":"ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding.","modified":"2026-05-14T04:03:07.917090981Z","published":"2019-03-27T06:29:00.390Z","related":["openSUSE-SU-2019:1166-1","openSUSE-SU-2019:1775-1","openSUSE-SU-2019:1859-1","openSUSE-SU-2024:11542-1"],"database_specific":{"unresolved_ranges":[{"cpe":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"18.10"}]},{"cpe":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"28"}]},{"cpe":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"29"}]},{"cpe":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"last_affected":"30"}]}]},"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00037.html"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00018.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WTRBTPL7WWKQ7DZ2ALDTCGYUWSE6SL3/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WRHCMHI44AW5CJ22WV676BKFUWWCLA7T/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZRVSINQHM623GJYYNDSBYSXT2MHKFCYQ/"},{"type":"WEB","url":"https://seclists.org/bugtraq/2019/Jun/23"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3950-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4463"},{"type":"FIX","url":"https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/znc/znc","events":[{"introduced":"0"},{"last_affected":"5cde1eb3c112b6f7508521060da1b2b3df88b158"}],"database_specific":{"cpe":"cpe:2.3:a:znc:znc:*:*:*:*:*:*:*:*","source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"1.7.2"}]}}],"versions":["znc-1.7.2","znc-1.7.2-rc1","znc-1.7.1","znc-1.7.1-rc1","znc-1.7.0","znc-1.6.0","znc-1.2","znc-1.0","znc-0.200","znc-0.098","znc-0.096","znc-0.094","znc-0.072","znc-0.070","znc-0.068","znc-0.066","znc-0.064","znc-0.062","znc-0.060","znc-0.058","znc-0.056","znc-0.054","znc-0.054-rc3","znc-0.054-rc2","znc-0.054-rc1","znc-0.052","znc-0.050","znc-0.047","znc-0.045","znc-0.044","znc-0.043","znc-0.041","znc-0.040","znc-0.039","znc-0.038","znc-0.037","znc-0.036","znc-0.035","znc-0.034","znc-0.033","znc-0.030","znc-0.029","znc-0.028","znc-0.027","znc-0.025","znc-0.023"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-9917.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}