{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-13T06:35:51.035","vulnerabilities":[{"cve":{"id":"CVE-2024-52505","sourceIdentifier":"security-advisories@github.com","published":"2024-11-14T16:15:20.220","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"matrix-appservice-irc is a Node.js IRC bridge for the Matrix messaging protocol. The provisioning API of the matrix-appservice-irc bridge up to version 3.0.2 contains a vulnerability which can lead to arbitrary IRC command execution as the bridge IRC bot. The vulnerability has been patched in matrix-appservice-irc version 3.0.3."},{"lang":"es","value":"matrix-appservice-irc es un puente IRC de Node.js para el protocolo de mensajería Matrix. La API de aprovisionamiento del puente matrix-appservice-irc hasta la versión 3.0.2 contiene una vulnerabilidad que puede provocar la ejecución arbitraria de comandos IRC como bot de puente IRC. La vulnerabilidad ha sido corregida en la versión 3.0.3 de matrix-appservice-irc."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-147"}]}],"references":[{"url":"https://github.com/matrix-org/matrix-appservice-irc/commit/4a024eae1a992b1ea67e71a998e0b833b54221e2","source":"security-advisories@github.com"},{"url":"https://github.com/matrix-org/matrix-appservice-irc/security/advisories/GHSA-c3hj-hg7p-rrq5","source":"security-advisories@github.com"}]}}]}