CVE-2021-45848: Improper Encoding or Escaping of Output

March 15, 2022 (updated November 7, 2023)

Denial of service (DoS) vulnerability in Nicotine+ 3.0.3 and later allows a user with a modified Soulseek client to crash Nicotine+ by sending a file download request with a file path containing a null character.

References

github.com/nicotine-plus/nicotine-plus/issues/1777
nvd.nist.gov/vuln/detail/CVE-2021-45848

Detect and mitigate CVE-2021-45848 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →