Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29628

Malicious code in bioql PyPI...

6.9CVSS6.3AI score0.00227EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/18 4:40 p.m.4 views

CVE-2025-59160

Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...

6.9CVSS6.6AI score0.00227EPSS
Exploits0References1
Snyk
Snyk
added 2025/09/16 8:18 p.m.3 views

Missing Authorization

Overview matrix-js-sdk is a Matrix Client-Server SDK for Javascript Affected versions of this package are vulnerable to Missing Authorization via insufficient validation of room predecessor links in the getJoinedRooms function. An attacker can cause a user to join an attacker-controlled room by...

6.9CVSS6.6AI score0.00227EPSS
Exploits0References2
OSV
OSV
added 2025/09/16 8:18 p.m.5 views

GHSA-MP7C-M3RH-R56V matrix-js-sdk has insufficient validation when considering a room to be upgraded by another

Impact matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated attacker-supplied room. Patches The issue has been patched and users should upgrade to...

6.9CVSS6.9AI score0.00227EPSS
Exploits0References6
OSV
OSV
added 2025/09/16 5:15 p.m.3 views

UBUNTU-CVE-2025-59160

Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...

6.9CVSS5.8AI score0.00227EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/16 4:37 p.m.6 views

CVE-2025-59160 matrix-js-sdk has insufficient validation when considering a room to be upgraded by another

Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...

6.9CVSS0.00227EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-38058

Name of the Vulnerable Software and Affected Versions: matrix-js-sdk versions prior to 38.2.0 Description: The Matrix JavaScript SDK has insufficient validation of room predecessor links in the MatrixClient::getJoinedRooms function, potentially allowing a remote attacker to replace a tombstoned...

6.9CVSS6.5AI score0.00227EPSS
Exploits0References12
Rows per page
Query Builder