{"id":"CVE-2021-37697","details":"tmerc-cogs are a collection of open source plugins for the Red Discord bot. A vulnerability has been found in the code that allows any user to access sensitive information by crafting a specific membership event message. Issue is patched in commit d63c49b4cfc30c795336e4fff08cba3795e0fcc0. As a workaround users may unload the Welcome cog.","modified":"2026-03-13T22:14:12.373925Z","published":"2021-08-11T23:15:08.107Z","related":["GHSA-77xv-8c2x-j96j"],"references":[{"type":"FIX","url":"https://github.com/tmercswims/tmerc-cogs/commit/d63c49b4cfc30c795336e4fff08cba3795e0fcc0"},{"type":"FIX","url":"https://github.com/tmercswims/tmerc-cogs/security/advisories/GHSA-77xv-8c2x-j96j"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tmercswims/tmerc-cogs","events":[{"introduced":"0"},{"fixed":"d63c49b4cfc30c795336e4fff08cba3795e0fcc0"}]},{"type":"GIT","repo":"https://github.com/tmercswims/tmerc-cogs","events":[{"introduced":"0"},{"fixed":"d63c49b4cfc30c795336e4fff08cba3795e0fcc0"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-37697.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"3.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}