sopel-plugins-channelmgnt

PyPI2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting sopel-plugins-channelmgntpage 1 of 1

CVE-2020-15251HIGHCVSS 7.7EG 7.7✓ Fixed in 1.0.3
2020-10-13
vulnerable: 1.0.0, 1.0.1, 1.0.2
In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions …
CVE-2021-21431HIGHCVSS 7.6EG 7.6✓ Fixed in 2.0.1
2021-04-09
vulnerable: 1.0.0 ... 2.0 (8 versions)
sopel-channelmgnt is a channelmgnt plugin for sopel. In versions prior to 2.0.1, on some IRC servers, restrictions around the removal of the bot using the kick/kickban command could be bypassed when kicking multiple users at once. We also …

Check whether sopel-plugins-channelmgnt is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for sopel-plugins-channelmgnt CVEs against the assets you own.

Start Free Scan →