Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.8 views

Fedora 37 : nheko (2022-959b529587)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-959b529587 advisory. Updated to version 0.10.2 with CVE fix. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

8.6CVSS6.9AI score0.00641EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/12/23 12:0 a.m.20 views

Fedora 36 : nheko (2022-1fd94a54a1)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-1fd94a54a1 advisory. Updated to version 0.10.2 with CVE fix. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus ha...

8.6CVSS6.9AI score0.00641EPSS
Exploits0References2
NVD
NVD
added 2022/09/28 10:15 p.m.13 views

CVE-2022-39264

nheko is a desktop client for the Matrix communication application. All versions below 0.10.2 are vulnerable homeservers inserting malicious secrets, which could lead to man-in-the-middle attacks. Users can upgrade to version 0.10.2 to protect against this issue. As a workaround, one may apply th...

8.6CVSS0.00641EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2022/09/28 10:15 p.m.43 views

CVE-2022-39264

nheko is a desktop client for the Matrix communication application. All versions below 0.10.2 are vulnerable homeservers inserting malicious secrets, which could lead to man-in-the-middle attacks. Users can upgrade to version 0.10.2 to protect against this issue. As a workaround, one may apply th...

8.6CVSS6.8AI score0.00641EPSS
Exploits0References4
OSV
OSV
added 2022/09/28 12:0 a.m.17 views

CVE-2022-39264 nheko vulnerable to secret poisoning using MITM on secret requests by the homeserver

nheko is a desktop client for the Matrix communication application. All versions below 0.10.2 are vulnerable homeservers inserting malicious secrets, which could lead to man-in-the-middle attacks. Users can upgrade to version 0.10.2 to protect against this issue. As a workaround, one may apply th...

8.6CVSS7AI score0.00641EPSS
Exploits0References7
CVE
CVE
added 2022/09/28 12:0 a.m.85 views

CVE-2022-39264

CVE-2022-39264 affects the nheko desktop client for Matrix; all releases prior to 0.10.2 are vulnerable because homeservers can insert malicious secrets, enabling potential man‑in‑the‑middle attacks. The recommended fix is upgrading to v0.10.2. Workarounds mentioned include applying patches manua...

8.6CVSS6.2AI score0.00641EPSS
Exploits0References5Affected Software1
AlpineLinux
AlpineLinux
added 2022/09/28 12:0 a.m.54 views

CVE-2022-39264

nheko is a desktop client for the Matrix communication application. All versions below 0.10.2 are vulnerable homeservers inserting malicious secrets, which could lead to man-in-the-middle attacks. Users can upgrade to version 0.10.2 to protect against this issue. As a workaround, one may apply th...

8.6CVSS6AI score0.00641EPSS
Exploits0
Rows per page
Query Builder