3 matches found
CVE-2022-39255
creationtimestamp| type| source ---|---|--- 2022-09-29 00:34:40+00:00| seen| https://t.me/cibsecurity/50635 2022-09-30 17:05:05+00:00| published-proof-of-concept| https://t.me/truesecator/3497...
CVE-2022-39255 Matrix iOS SDK vulnerable ton Olm/Megolm protocol confusion
Matrix iOS SDK allows developers to build iOS apps compatible with Matrix. Prior to version 0.23.19, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a...
CVE-2022-39255
Summary (CVE-2022-39255): The Matrix iOS SDK (prior to 0.23.19) is vulnerable to protocol confusion between Megolm and Olm for to-device messages. An attacker collaborating with a malicious homeserver can craft messages that appear to come from another user, enabling impersonation and targeted at...