10 matches found
CVE-2023-29529
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...
Linux Distros Unpatched Vulnerability : CVE-2023-29529
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can...
CVE-2023-29529
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...
CVE-2023-29529
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...
CVE-2023-29529 matrix-js-sdk vulnerable to invisible eavesdropping in group calls
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...
CVE-2023-29529
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...
CVE-2023-29529 matrix-js-sdk vulnerable to invisible eavesdropping in group calls
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...
CVE-2023-29529
Summary: CVE-2023-29529 affects matrix-js-sdk (Matrix Client-Server SDK for JavaScript/TypeScript) and describes a group-call eavesdropping vulnerability. The issue arises because the group call implementation accepts incoming direct calls from other users during an MSC3401 group call, even if th...
CVE-2023-29529 matrix-js-sdk vulnerable to invisible eavesdropping in group calls
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...
@eweser/db (>=1.4.1 <=1.6.2), @medicaa/trustie (>=0.0.1 <=0.0.3) +36 more potentially affected by CVE-2023-29529 via matrix-js-sdk (>=0.0.4 <=24.1.0-rc.1)
matrix-js-sdk NPM version =0.0.4, =1.4.1, =0.0.1, =0.17.0, =4.0.1, =1.2.0, =1.1.0, =0.1.6, =0.1.11, =0.1.0, =0.0.1, =0.11.1-7, =1.6.0, =1.0.33, =1.1.5 and more Source cves: CVE-2023-29529 Source advisory: OSV:GHSA-6G67-Q39G-R79Q...