{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-10T22:21:14.220","vulnerabilities":[{"cve":{"id":"CVE-2023-38688","sourceIdentifier":"security-advisories@github.com","published":"2023-08-04T17:15:10.097","lastModified":"2024-11-21T08:14:03.513","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"twitch-tui provides Twitch chat in a terminal. Prior to version 2.4.1, the connection is not using TLS for communication. In the configuration of the irc connection, the software disables TLS, which makes all communication to Twitch IRC servers unencrypted. As a result, communication, including auth tokens, can be sniffed. Version 2.4.1 has a patch for this issue."},{"lang":"es","value":"twitch-tui proporciona el chat de Twitch en un terminal. Antes de la versión 2.4.1, la conexión no utiliza TLS para la comunicación. En la configuración de la conexión irc, el software deshabilita TLS, lo que hace que toda la comunicación con los servidores IRC de Twitch no esté cifrada. Como resultado, la comunicación, incluyendo los tokens de autenticación, puede ser interceptada. La versión 2.4.1 tiene un parche para este problema.\n"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-311"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xithrius:twitch-tui:*:*:*:*:*:rust:*:*","versionEndIncluding":"2.4.0","matchCriteriaId":"51E1B391-7145-4B2F-8183-B007928C21E7"}]}]}],"references":[{"url":"https://github.com/Xithrius/twitch-tui/blob/340afc3c8c07a83289fe6ef614aa7563c8b70756/src/twitch/connection.rs#L23","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/Xithrius/twitch-tui/commit/74d13ddca35f8f0816f4933c229da1fd95c0350a","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/Xithrius/twitch-tui/security/advisories/GHSA-779w-xvpm-78jx","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://github.com/Xithrius/twitch-tui/blob/340afc3c8c07a83289fe6ef614aa7563c8b70756/src/twitch/connection.rs#L23","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/Xithrius/twitch-tui/commit/74d13ddca35f8f0816f4933c229da1fd95c0350a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/Xithrius/twitch-tui/security/advisories/GHSA-779w-xvpm-78jx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}