CVE-2022-39255

🗓️ 28 Sep 2022 20:35:10Reported by GitHub_MType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 77 Views

Matrix iOS SDK prior to version 0.23.19 allows attackers to construct fake messages and perform targeted attacks via a protocol confusion vulnerability

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2022-39255	29 Sep 202200:34	–	circl
CNNVD	Matrix 授权问题漏洞	28 Sep 202200:00	–	cnnvd
Cvelist	CVE-2022-39255 Matrix iOS SDK vulnerable ton Olm/Megolm protocol confusion	28 Sep 202220:35	–	cvelist
EUVD	EUVD-2022-41768	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Matrix SDKs	29 Sep 202200:00	–	ncsc
NVD	CVE-2022-39255	28 Sep 202221:15	–	nvd
OSV	CVE-2022-39255 Matrix iOS SDK vulnerable ton Olm/Megolm protocol confusion	28 Sep 202220:35	–	osv
Prion	Type confusion	28 Sep 202221:15	–	prion
Positive Technologies	PT-2022-24847 · Unknown · Matrix Ios Sdk	28 Sep 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-39255	5 Feb 202519:36	–	redhatcve

NVD

Vulners

Node

matrix software_development_kitRange<0.23.19iphone_os

[
  {
    "product": "matrix-ios-sdk",
    "vendor": "matrix-org",
    "versions": [
      {
        "status": "affected",
        "version": "< 0.23.19"
      }
    ]
  }
]

Source	Link
github	www.github.com/matrix-org/matrix-ios-sdk/security/advisories/GHSA-hw6g-j8v6-9hcm
github	www.github.com/matrix-org/matrix-ios-sdk/releases/tag/v0.23.19
github	www.github.com/matrix-org/matrix-ios-sdk/commit/5ca86c328a5faaab429c240551cb9ca8f0f6262c
matrix	www.matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients