Lucene search
Alpine Linux Development TeamALPINE:CVE-2022-36060HistoryMar 28, 2023 - 9:15 p.m.
CVE-2022-36060
2023-03-2821:15:00
Alpine Linux Development Team
security.alpinelinux.org
28
matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. Events sent with special strings in key places can temporarily disrupt or impede the matrix-react-sdk from functioning properly, such as by causing room or event tile crashes. The remainder of the application can appear functional, though certain rooms/events will not be rendered. This issue has been fixed in matrix-react-sdk 3.53.0 and users are advised to upgrade. There are no known workarounds for this vulnerability.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | element-web | < 1.11.4-r0 | UNKNOWN |
| Alpine | 3.16-community | noarch | riot-web | < 1.11.4-r0 | UNKNOWN |
| Alpine | 3.17-community | noarch | riot-web | < 1.11.4-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | element-web | < 1.11.4-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | element-web | < 1.11.4-r0 | UNKNOWN |
Related
cve
cve
CVE-2022-36060
2023-03-28 21:15:00
osv
osv
matrix-react-sdk Prototype pollution vulnerability
2023-03-28 19:57:57
CVE-2022-36060
2023-03-28 21:15:10
Prototype pollution in matrix-react-sdk
2023-03-29 19:34:25
github
github
matrix-react-sdk Prototype pollution vulnerability
2023-03-28 19:57:57
Prototype pollution in matrix-react-sdk
2023-03-29 19:34:25
prion
prion
Design/Logic Flaw
2023-03-28 21:15:00
cvelist
cvelist
CVE-2022-36060 Prototype pollution in matrix-react-sdk
2023-03-28 20:37:28
veracode
veracode
Prototype Pollution
2022-09-03 12:36:50
freebsd
freebsd
Matrix clients -- several vulnerabilities
2022-08-31 00:00:00
nessus
nessus