Lucene search
+L

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:29 a.m.10 views

CVE-2023-29529

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

5.3CVSS6.5AI score0.00543EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-29529

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can...

5.3CVSS5.8AI score0.00543EPSS
Exploits0References3
NVD
NVD
added 2023/04/14 7:15 p.m.38 views

CVE-2023-29529

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

5.3CVSS4.9AI score0.00543EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/04/14 7:15 p.m.20 views

CVE-2023-29529

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

5.3CVSS6.1AI score0.00543EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/04/14 6:21 p.m.7 views

CVE-2023-29529 matrix-js-sdk vulnerable to invisible eavesdropping in group calls

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

5CVSS5.1AI score0.00543EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2023/04/14 6:21 p.m.12 views

CVE-2023-29529

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

5.3CVSS5AI score0.00543EPSS
Exploits0
Cvelist
Cvelist
added 2023/04/14 6:21 p.m.42 views

CVE-2023-29529 matrix-js-sdk vulnerable to invisible eavesdropping in group calls

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

5CVSS5.3AI score0.00543EPSS
Exploits0References3
CVE
CVE
added 2023/04/14 6:21 p.m.72 views

CVE-2023-29529

Summary: CVE-2023-29529 affects matrix-js-sdk (Matrix Client-Server SDK for JavaScript/TypeScript) and describes a group-call eavesdropping vulnerability. The issue arises because the group call implementation accepts incoming direct calls from other users during an MSC3401 group call, even if th...

5.3CVSS4.9AI score0.00543EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/04/14 6:21 p.m.31 views

CVE-2023-29529 matrix-js-sdk vulnerable to invisible eavesdropping in group calls

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

5CVSS5.1AI score0.00543EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2023/04/14 4:14 p.m.8 views

@eweser/db (>=1.4.1 <=1.6.2), @medicaa/trustie (>=0.0.1 <=0.0.3) +36 more potentially affected by CVE-2023-29529 via matrix-js-sdk (>=0.0.4 <=24.1.0-rc.1)

matrix-js-sdk NPM version =0.0.4, =1.4.1, =0.0.1, =0.17.0, =4.0.1, =1.2.0, =1.1.0, =0.1.6, =0.1.11, =0.1.0, =0.0.1, =0.11.1-7, =1.6.0, =1.0.33, =1.1.5 and more Source cves: CVE-2023-29529 Source advisory: OSV:GHSA-6G67-Q39G-R79Q...

5.3CVSS6AI score0.00543EPSS
Exploits0
Rows per page
Query Builder