SUSE CVE-2025-53549

The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::findeventwithrelations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that...

matrix-sdk-sqlite: SQL injection vulnerability in `SqliteEventCacheStore::find_event_with_relations`

The SqliteEventCacheStore::findeventwithrelations function constructs SQL queries using format! with unescaped input, allowing an attacker to inject arbitrary SQL. This results in a SQL injection vulnerability...

CVE-2025-53549 Matrix Rust SDK allows SQL injection in the EventCache implementation

The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::findeventwithrelations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that...