Lucene search
K

5 matches found

NVD
NVD
added 2023/08/04 7:15 p.m.40 views

CVE-2023-38700

matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it was possible to craft an event such that it would leak part of a targeted message event from another bridged room. This required knowing an event ID to target. Version 1.0.1n fixes this issue. As a workaround, se...

3.7CVSS3.8AI score0.00485EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/08/04 6:5 p.m.10 views

CVE-2023-38700 matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms

matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it was possible to craft an event such that it would leak part of a targeted message event from another bridged room. This required knowing an event ID to target. Version 1.0.1n fixes this issue. As a workaround, se...

3.5CVSS6.6AI score0.00485EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/08/04 6:5 p.m.37 views

CVE-2023-38700 matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms

matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it was possible to craft an event such that it would leak part of a targeted message event from another bridged room. This required knowing an event ID to target. Version 1.0.1n fixes this issue. As a workaround, se...

3.5CVSS4.4AI score0.00485EPSS
Exploits0References3
CVE
CVE
added 2023/08/04 6:5 p.m.68 views

CVE-2023-38700

CVE-2023-38700 affects matrix-appservice-irc (Node.js IRC bridge for Matrix). Before version 1.0.1, an attacker could craft an event to leak part of a targeted message from another bridged room, requiring knowledge of an event ID. The issue is fixed in version 1.0.1n. As a workaround, deployments...

3.7CVSS3.7AI score0.00485EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/08/04 6:5 p.m.30 views

CVE-2023-38700 matrix-appservice-irc events can be crafted to leak parts of targeted messages from other bridged rooms

matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it was possible to craft an event such that it would leak part of a targeted message event from another bridged room. This required knowing an event ID to target. Version 1.0.1n fixes this issue. As a workaround, se...

3.5CVSS4.6AI score0.00485EPSS
Exploits0References5
Rows per page
Query Builder