Lucene search
+L

7 matches found

redhatcve
redhatcve
added 2025/05/23 10:29 a.m.4 views

CVE-2024-42369

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This...

5.3CVSS6.8AI score0.00455EPSS
Exploits0
nessus
nessus
added 2025/03/05 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-42369

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the...

5.3CVSS5.5AI score0.00455EPSS
Exploits0References3
vulnersosv
vulnersosv
added 2024/08/20 6:35 p.m.7 views

@airgap/beacon-sdk (>=0.0.1 <=0.0.3-beta.9), @altispeed/rn-matrix-core (>=0.0.34 <=0.0.36) +56 more potentially affected by CVE-2024-42369 via matrix-js-sdk (>=0.0.4 <=34.3.0)

matrix-js-sdk NPM version =0.0.4, =0.0.1, =0.0.34, =1.3.0, =1.0.0, =2.0.0, =2.0.0-alpha.3, =2.0.0-alpha.1, =1.4.1, =0.0.1, =0.0.0-development, =0.1.0, =0.17.0, =4.0.1, =0.3.1, =0.8.0 and more Source cves: CVE-2024-42369 Source advisory: OSV:GHSA-VHR5-G3PM-49FM...

5.3CVSS5.4AI score0.00455EPSS
Exploits0
vulnrichment
vulnrichment
added 2024/08/20 2:37 p.m.10 views

CVE-2024-42369 A room with itself as a its predecessor will freeze matrix-js-sdk

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This...

4.1CVSS7.2AI score0.00455EPSS
Exploits0References2
cve
cve
added 2024/08/20 2:37 p.m.67 views

CVE-2024-42369

CVE-2024-42369 affects the matrix-js-sdk (JavaScript) where a malicious homeserver can craft a room structure whose predecessors form a cycle. This makes getRoomUpgradeHistory() recursively traverse and hang, and since this method is public and invoked by leaveRoomChain(), leaving a room can trig...

5.3CVSS4.5AI score0.00455EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2024/08/20 2:37 p.m.42 views

CVE-2024-42369 A room with itself as a its predecessor will freeze matrix-js-sdk

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This...

4.1CVSS0.00455EPSS
Exploits0References2
debiancve
debiancve
added 2024/08/20 2:37 p.m.27 views

CVE-2024-42369

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's getRoomUpgradeHistory function will infinitely recurse in this case, causing the code to hang. This...

5.3CVSS5.4AI score0.00455EPSS
Exploits0
Rows per page
Query Builder