{"id":"CVE-2020-13775","details":"ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network.","modified":"2026-04-16T04:42:35.242052414Z","published":"2020-06-02T23:15:10.567Z","references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DNVBE4T2DRJRQHFRMHYBTN4OSOL6DBHR/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HS3DWGXLVRROQQA57UIPMDM6XMVEMBRA/"},{"type":"FIX","url":"https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8"},{"type":"FIX","url":"https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/znc/znc","events":[{"introduced":"0"},{"last_affected":"492b4ab00792adbf773379e9b0b781ee4d29567d"},{"fixed":"2390ad111bde16a78c98ac44572090b33c3bd2d8"},{"fixed":"d229761821da38d984a9e4098ad96842490dc001"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.8.0"}]}}],"versions":["znc-0.023","znc-0.025","znc-0.027","znc-0.028","znc-0.029","znc-0.030","znc-0.033","znc-0.034","znc-0.035","znc-0.036","znc-0.037","znc-0.038","znc-0.039","znc-0.040","znc-0.041","znc-0.043","znc-0.044","znc-0.045","znc-0.047","znc-0.050","znc-0.052","znc-0.054","znc-0.054-rc1","znc-0.054-rc2","znc-0.054-rc3","znc-0.056","znc-0.058","znc-0.060","znc-0.062","znc-0.064","znc-0.066","znc-0.068","znc-0.070","znc-0.072","znc-0.094","znc-0.096","znc-0.098","znc-0.200","znc-1.0","znc-1.2","znc-1.6.0","znc-1.7.0","znc-1.8.0"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","digest":{"length":339,"function_hash":"243364098206442821278095029834259692094"},"id":"CVE-2020-13775-10921ecc","deprecated":false,"source":"https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8","signature_type":"Function","target":{"function":"CClient::EchoMessage","file":"src/Client.cpp"}},{"signature_version":"v1","digest":{"length":1048,"function_hash":"167904269692328655823236297049711722010"},"id":"CVE-2020-13775-68c39034","deprecated":false,"source":"https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001","signature_type":"Function","target":{"function":"CClient::OnTextMessage","file":"src/Client.cpp"}},{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["179062844239354665685476243343750154315","264265845246454891735083395156216957566","54659103330784992543614464434984230316","329985208195638561965320143980013908939"]},"id":"CVE-2020-13775-7dfec18f","deprecated":false,"source":"https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8","signature_type":"Line","target":{"file":"src/Client.cpp"}},{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["313626103625464972320511826089238497518","254488474879504029450316256937399732264","127655687726396844262208649325701215349","311663962199179814201078550800328455880"]},"id":"CVE-2020-13775-a1555ee4","deprecated":false,"source":"https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8","signature_type":"Line","target":{"file":"test/integration/tests/core.cpp"}},{"signature_version":"v1","digest":{"length":337,"function_hash":"312515070694463833106112290914265113516"},"id":"CVE-2020-13775-a52e7fdf","deprecated":false,"source":"https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8","signature_type":"Function","target":{"function":"TEST_F","file":"test/integration/tests/core.cpp"}},{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["66497401595510528959044953371277996417","326262900322500493459847737519654946263","3090105072537556030670263174490445171","100969480569315892382633661881648812705"]},"id":"CVE-2020-13775-b48ef002","deprecated":false,"source":"https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001","signature_type":"Line","target":{"file":"src/Client.cpp"}},{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["282026506429154266749841997301203415096","207338783748791260475251416198922182762","339186054012205851326171200838075521853","164159603877650132016191588735563078924","154310451569641065774775021930081256914","158207147809730001147209574032629522899","207377680942250475708722903493820045482","233062993365664671105950193386685885808"]},"id":"CVE-2020-13775-fc722159","deprecated":false,"source":"https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001","signature_type":"Line","target":{"file":"test/integration/tests/core.cpp"}}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"31"}]},{"events":[{"introduced":"0"},{"last_affected":"32"}]}],"vanir_signatures_modified":"2026-04-11T21:19:49Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13775.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}