CVE-2021-29502

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-29502
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-29502.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-29502
Related
  • GHSA-834g-67vv-m9wq
Published
2021-05-10T18:15:07.833Z
Modified
2026-03-13T22:16:15.701576Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

WarnSystem is a cog (plugin) for the Red discord bot. A vulnerability has been found in the code that allows any user to access sensible informations by setting up a specific template which is not properly sanitized. The problem has been patched in version 1.3.18. Users should update and type !warnsysteminfo to check that their version is 1.3.18 or above. As a workaround users may unload the WarnSystem cog or disable the !warnset description command globally.

References

Affected packages

Git / github.com/laggron42/laggrons-dumb-cogs

Affected ranges

Type
GIT
Repo
https://github.com/laggron42/laggrons-dumb-cogs
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
c79dd2cc879989cf2018e76ba2aad0baef3b4ec8
Type
GIT
Repo
https://github.com/laggron42/laggrons-dumb-cogs
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
c79dd2cc879989cf2018e76ba2aad0baef3b4ec8

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "1.3.18"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-29502.json"