7 matches found
Fedora 37 : nheko (2022-959b529587)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-959b529587 advisory. Updated to version 0.10.2 with CVE fix. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...
Fedora 36 : nheko (2022-1fd94a54a1)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-1fd94a54a1 advisory. Updated to version 0.10.2 with CVE fix. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...
CVE-2022-39264
nheko is a desktop client for the Matrix communication application. All versions below 0.10.2 are vulnerable homeservers inserting malicious secrets, which could lead to man-in-the-middle attacks. Users can upgrade to version 0.10.2 to protect against this issue. As a workaround, one may apply th...
CVE-2022-39264
nheko is a desktop client for the Matrix communication application. All versions below 0.10.2 are vulnerable homeservers inserting malicious secrets, which could lead to man-in-the-middle attacks. Users can upgrade to version 0.10.2 to protect against this issue. As a workaround, one may apply th...
CVE-2022-39264 nheko vulnerable to secret poisoning using MITM on secret requests by the homeserver
nheko is a desktop client for the Matrix communication application. All versions below 0.10.2 are vulnerable homeservers inserting malicious secrets, which could lead to man-in-the-middle attacks. Users can upgrade to version 0.10.2 to protect against this issue. As a workaround, one may apply th...
CVE-2022-39264
CVE-2022-39264 affects the nheko desktop client for Matrix; all releases prior to 0.10.2 are vulnerable because homeservers can insert malicious secrets, enabling potential man‑in‑the‑middle attacks. The recommended fix is upgrading to v0.10.2. Workarounds mentioned include applying patches manua...
CVE-2022-39264
nheko is a desktop client for the Matrix communication application. All versions below 0.10.2 are vulnerable homeservers inserting malicious secrets, which could lead to man-in-the-middle attacks. Users can upgrade to version 0.10.2 to protect against this issue. As a workaround, one may apply th...