3 matches found
fractal-12.beta+14-1.1 on GA media (moderate)
fractal-12.beta+14-1.1 on GA media Announcement ID: openSUSE-SU-2025:15351-1 Rating: moderate Cross-References: CVE-2025-53549 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
CVE-2025-53549
Summary: The matrix-sdk-sqlite component contains an SQL injection in SqliteEventCacheStore::find_event_with_relations, where SQL is constructed via format!() with unescaped input. This allows an attacker to inject arbitrary SQL when a Matrix client uses the default sqlite-based store backend and...
CVE-2025-53549 Matrix Rust SDK allows SQL injection in the EventCache implementation
The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::findeventwithrelations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that...