Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

GHSA-xvqg-mv25-rwvw

GitHub Security Advisory

Parsing issue in matrix-org/node-irc leading to room takeovers

✓ GitHub Reviewed HIGH Has CVE
View on GitHub

Advisory Details

### Impact

Attackers can specify a specific string of characters, which would confuse the bridge into combining an attacker-owned channel and an existing channel, allowing them to grant themselves permissions in the channel.

### Patched

The vulnerability has been patched in matrix-appservice-irc 0.35.0.

### Workarounds

Disable dynamic channel joining via `dynamicChannels.enabled` to prevent users from joining new channels, which prevents any new channels being bridged outside of what is already bridged, and what is specified in the config.

### References

- https://matrix.org/blog/2022/09/13/security-release-of-matrix-appservice-irc-0-35-0-high-severity

### Credits

Discovered and reported by [Val Lorentz](https://valentin-lorentz.fr/).

### For more information

If you have any questions or comments about this advisory email us at [[email protected]](mailto:[email protected]).

Affected Packages

npm matrix-appservice-irc
Affected versions: 0 (fixed in 0.35.0)

Related CVEs

CVE-2022-39203

Key Information

GHSA ID
GHSA-xvqg-mv25-rwvw
Published
September 15, 2022 3:26 AM
Last Modified
October 7, 2022 4:25 PM
CVSS Score
7.5 /10
Primary Ecosystem
npm
Primary Package
matrix-appservice-irc
GitHub Reviewed
✓ Yes

Dataset

Last updated: September 13, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.