Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2023/08/04 6:5 p.m.10 views

CVE-2023-38700 matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms

matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it was possible to craft an event such that it would leak part of a targeted message event from another bridged room. This required knowing an event ID to target. Version 1.0.1n fixes this issue. As a workaround, se...

3.5CVSS6.6AI score0.00485EPSS
Exploits0References3
OSV
OSV
added 2023/08/04 5:26 p.m.19 views

GHSA-C7HH-3V6C-FJ4Q matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms

Impact It was possible to craft an event such that it would leak part of a targeted message event from another bridged room. This required knowing an event ID to target. Patches Please upgrade to 1.0.1. Workarounds You can set the matrixHandler.eventCacheSize config value to 0 to workaround this...

3.5CVSS3.7AI score0.00485EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2023/08/04 5:26 p.m.42 views

matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms

Impact It was possible to craft an event such that it would leak part of a targeted message event from another bridged room. This required knowing an event ID to target. Patches Please upgrade to 1.0.1. Workarounds You can set the matrixHandler.eventCacheSize config value to 0 to workaround this...

3.7CVSS6.4AI score0.00485EPSS
Exploits0References5Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/23 8:17 p.m.48 views

Improper handling of multiline messages in node-irc affects matrix-appservice-irc

matrix-appservice-irc provides an IRC bridge for Matrix. The vulnerability in node-irc allows an attacker to manipulate a Matrix user into executing IRC commands by having them reply to a maliciously crafted message. The vulnerability has been patched in matrix-appservice-irc 0.33.2. In terms of ...

8.8CVSS8.3AI score0.00938EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder