Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2022/09/28 8:0 p.m.8 views

CVE-2022-39246 matrix-android-sdk2 vulnerable to impersonation via forwarded Megolm sessions

matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others...

7.5CVSS7.4AI score0.00655EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/09/28 8:0 p.m.50 views

CVE-2022-39246 matrix-android-sdk2 vulnerable to impersonation via forwarded Megolm sessions

matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others...

7.5CVSS7.6AI score0.00655EPSS
Exploits0References4
OSV
OSV
added 2022/09/28 8:0 p.m.32 views

CVE-2022-39246 matrix-android-sdk2 vulnerable to impersonation via forwarded Megolm sessions

matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others...

7.5CVSS6AI score0.00655EPSS
Exploits0References6
CVE
CVE
added 2022/09/28 8:0 p.m.88 views

CVE-2022-39246

matrix-android-sdk2 (Android Matrix SDK) before version 1.5.1 is vulnerable: an attacker collaborating with a malicious homeserver can craft messages that appear from another user due to an overly permissive key-forwarding policy. Starting with 1.5.1, the default key-forwarding policy is stricter...

7.5CVSS5.5AI score0.00655EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder