Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/09/18 4:40 p.m.3 views

CVE-2025-59160

Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...

6.9CVSS6.6AI score0.00227EPSS
Exploits0References1
OSV
OSV
added 2025/09/16 8:18 p.m.5 views

GHSA-MP7C-M3RH-R56V matrix-js-sdk has insufficient validation when considering a room to be upgraded by another

Impact matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated attacker-supplied room. Patches The issue has been patched and users should upgrade to...

6.9CVSS6.9AI score0.00227EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2025/09/16 8:18 p.m.8 views

matrix-js-sdk has insufficient validation when considering a room to be upgraded by another

Impact matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated attacker-supplied room. Patches The issue has been patched and users should upgrade to...

6.9CVSS6.9AI score0.00227EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2025/09/16 5:15 p.m.4 views

CVE-2025-59160

Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...

6.9CVSS0.00227EPSS
Exploits0References2
OSV
OSV
added 2025/09/16 5:15 p.m.3 views

UBUNTU-CVE-2025-59160

Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...

6.9CVSS5.8AI score0.00227EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.3 views

matrix-js-sdk 数据伪造问题漏洞

matrix-js-sdk is an application component of Matrix open source. A data forgery issue vulnerability exists in matrix-js-sdk versions prior to 38.2.0, which stems from insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, which could lead to an attacker replacing a...

6.9CVSS6.3AI score0.00227EPSS
Exploits0References3
Rows per page
Query Builder