Malicious Matrix homeserver can leak truncated message content of messages it shouldn't have access to
- Severity:
- Medium
Description
The fix for GHSA-wm4w-7h2q-3pf7 / CVE-2024-32000 included in matrix-appservice-irc 2.0.0 relied on the Matrix homeserver-provided timestamp to determine whether a user has access to the event they’re replying to when determining whether or not to include a truncated version of the original event in the IRC message.
Recommendation
Update the matrix-appservice-irc package to the latest compatible version. Followings are version details:
- Affected version(s): <= 2.0.0
- Patched version(s): 2.0.1
References
Related Issues
- NodeJS Driver for Snowflake has race condition when checking access to Easy Logging configuration file - CVE-2025-46328
- matrix-appservice-irc IRC command injection via admin commands containing newlines - CVE-2023-38690
- Matrix IRC Bridge truncated content of messages can be leaked - CVE-2024-32000
- crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard - CVE-2023-46233
- Tags:
- npm
- matrix-appservice-irc
Anything's wrong? Let us know Last updated on July 05, 2024