ALPINE-CVE-2020-14148

See a problem?
Please try reporting it to the source first.
Source
https://security.alpinelinux.org/vuln/CVE-2020-14148
Import Source
https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json
JSON Data
https://api.osv.dev/v1/vulns/ALPINE-CVE-2020-14148
Upstream
Published
2020-06-15T18:15:15.067Z
Modified
2025-12-03T22:52:57.778091Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.

References

Affected packages

Alpine:v3.10
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.11
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.12
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.13
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.14
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.15
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.16
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.17
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.18
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.19
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.20
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.21
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.22
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.23
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
25-r1

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
25-r0
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"
Alpine:v3.9
ngircd

Package

Name
ngircd
Purl
pkg:apk/alpine/ngircd?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
24-r5

Affected versions

14.*
14.1-r0
14.1-r1
Other
15-r0
15-r1
15-r2
16-r0
17-r0
18-r0
18-r1
18-r2
18-r3
20-r0
20-r1
21-r0
22-r0
22-r1
23-r0
23-r1
23-r2
23-r3
24-r0
24-r1
24-r2
24-r3
24-r4
17.*
17.1-r0
19.*
19.1-r0
19.2-r0
20.*
20.2-r1
20.2-r2
20.3-r0
21.*
21.1-r0
21.1-r1
21.1-r2
22.*
22.1-r0
22.1-r1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2020-14148.json"