CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
After several cryptographic vulnerabilities in libolm
were disclosed publicly, the Matrix Foundation has officially deprecated the library. olm-sys
is a thin wrapper around libolm
and is now deprecated and potentially vulnerable in kind.
Users of olm-sys
and its higher-level abstraction, olm-rs
, are highly encouraged to switch to vodozemac
as soon as possible. It is the successor effort to libolm
and is written in Rust.