Matrix Irc Bridge Security Vulnerabilities and Issues — Matrix Irc Bridge CVE List

Lucene search

MatrixMatrix Irc Bridge

7 matches found

CVE•added 2022/05/05 11:15 p.m.•70 views

CVE-2022-29166

matrix-appservice-irc is a Node.js IRC bridge for Matrix. The vulnerability in node-irc allows an attacker to manipulate a Matrix user into executing IRC commands by having them reply to a maliciously crafted message. The vulnerability has been patched in matrix-appservice-irc 0.33.2. Refrain from ...

8.8CVSS8.3AI score0.00845EPSS

CVE•added 2022/09/13 7:15 p.m.•52 views

CVE-2022-39203

matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. Attackers can specify a specific string of characters, which would confuse the bridge into combining an attacker-owned channel and an existing channel, allowing them to grant themselves permissions in the channel. The vulnerabil...

8.8CVSS8.6AI score0.00203EPSS

CVE•added 2023/08/04 7:15 p.m.•51 views

CVE-2023-38700

matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it was possible to craft an event such that it would leak part of a targeted message event from another bridged room. This required knowing an event ID to target. Version 1.0.1n fixes this issue. As a workaround, set ...

3.7CVSS3.7AI score0.00266EPSS

CVE•added 2025/02/25 8:15 p.m.•51 views

CVE-2025-27146

matrix-appservice-irc is a Node.js IRC bridge for Matrix. The matrix-appservice-irc bridge up to version 3.0.3 contains a vulnerability which can lead to arbitrary IRC command execution as the puppeted user. The attacker can only inject commands executed as their own IRC user. The vulnerability has...

4.3CVSS4.4AI score0.00052EPSS

CVE•added 2022/11/13 10:15 a.m.•49 views

CVE-2022-3971

A vulnerability was found in matrix-appservice-irc up to 0.35.1. It has been declared as critical. This vulnerability affects unknown code of the file src/datastore/postgres/PgDataStore.ts. The manipulation of the argument roomIds leads to sql injection. Upgrading to version 0.36.0 is able to addre...

5.6CVSS5.6AI score0.00046EPSS

CVE•added 2022/09/13 6:15 p.m.•40 views

CVE-2022-39202

matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. The Internet Relay Chat (IRC) protocol allows you to specify multiple modes in a single mode command. Due to a bug in the underlying matrix-org/node-irc library, affected versions of matrix-appservice-irc perform parsing of such...

6.3CVSS5.5AI score0.00124EPSS

CVE•added 2023/08/04 5:15 p.m.•37 views

CVE-2023-38690

matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0.1 ...

9.8CVSS7.7AI score0.00133EPSS