The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
{ "binaries": [ { "binary_name": "quassel", "binary_version": "0.12.2-0ubuntu1.16.04.2" }, { "binary_name": "quassel-client", "binary_version": "0.12.2-0ubuntu1.16.04.2" }, { "binary_name": "quassel-client-qt4", "binary_version": "0.12.2-0ubuntu1.16.04.2" }, { "binary_name": "quassel-core", "binary_version": "0.12.2-0ubuntu1.16.04.2" }, { "binary_name": "quassel-data", "binary_version": "0.12.2-0ubuntu1.16.04.2" }, { "binary_name": "quassel-qt4", "binary_version": "0.12.2-0ubuntu1.16.04.2" } ] }