Use-after-free vulnerability in bitlbee-libpurple before 3.5 allows remote servers to cause a denial of service (crash) or possibly execute arbitrary code by causing a file transfer connection to expire.
{ "binaries": [ { "binary_name": "bitlbee", "binary_version": "3.4.2-0ubuntu1" }, { "binary_name": "bitlbee-common", "binary_version": "3.4.2-0ubuntu1" }, { "binary_name": "bitlbee-dev", "binary_version": "3.4.2-0ubuntu1" }, { "binary_name": "bitlbee-libpurple", "binary_version": "3.4.2-0ubuntu1" }, { "binary_name": "bitlbee-plugin-otr", "binary_version": "3.4.2-0ubuntu1" } ] }