NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-52505

Summary	matrix-appservice-irc is a Node.js IRC bridge for the Matrix messaging protocol. The provisioning API of the matrix-appservice-irc bridge up to version 3.0.2 contains a vulnerability which can lead to arbitrary IRC command execution as the bridge IRC bot. The vulnerability has been patched in matrix-appservice-irc version 3.0.3.
Publication Date	Nov. 15, 2024, 1:15 a.m.
Registration Date	Nov. 15, 2024, 5 a.m.
Last Update	Nov. 15, 2024, 10:58 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://github.com/matrix-org/matrix-appservice-irc/security/advisories/GHSA-c3hj-hg7p-rrq5
2	https://github.com/matrix-org/matrix-appservice-irc/commit/4a024eae1a992b1ea67e71a998e0b833b54221e2

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-147	入力終端子の不適切な無効化	https://cwe.mitre.org/data/definitions/147.html