Lucene search
K

63 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.12 views

Astra Linux – Vulnerability in Thunderbird

The olmsessiondescribe function in Matrix libolm before version 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a...

9.8CVSS9AI score0.01921EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-21460

Malware in sbrugna...

9.8CVSS9.3AI score0.04262EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-31369

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.01921EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-44538

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel...

9.8CVSS7.8AI score0.01921EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2021-34813

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client while it is attempting to retrieve an Olm encrypted room key backup from the...

9.8CVSS9AI score0.04262EPSS
Exploits1References2
OSV
OSV
added 2024/09/03 9:11 p.m.1 views

GHSA-P2Q9-36VW-C468 olm-sys: wrapped library unmaintained, potentially vulnerable

After several cryptographic vulnerabilities in libolm were disclosed publicly, the Matrix Foundation has officially deprecated the library. olm-sys is a thin wrapper around libolm and is now deprecated and potentially vulnerable in kind. Users of olm-sys and its higher-level abstraction, olm-rs,...

5.9AI score
Exploits0References4
OSV
OSV
added 2024/09/02 12:0 p.m.76 views

RUSTSEC-2024-0368 olm-sys: wrapped library unmaintained, potentially vulnerable

After several cryptographic vulnerabilities in libolm were disclosed publicly, the Matrix Foundation has officially deprecated the library. olm-sys is a thin wrapper around libolm and is now deprecated and potentially vulnerable in kind. Users of olm-sys and its higher-level abstraction, olm-rs,...

5.3CVSS4.9AI score0.00536EPSS
Exploits3References4
SUSE CVE
SUSE CVE
added 2024/08/23 2:27 a.m.3 views

SUSE CVE-2024-45191

An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only...

5.3CVSS7AI score0.00454EPSS
Exploits1References3
NVD
NVD
added 2024/08/22 4:15 p.m.37 views

CVE-2024-45192

An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

5.3CVSS0.00536EPSS
Exploits1References4
NVD
NVD
added 2024/08/22 4:15 p.m.27 views

CVE-2024-45193

An issue was discovered in Matrix libolm through 3.2.16. There is Ed25519 signature malleability due to lack of validation criteria does not ensure that S n. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the...

4.3CVSS0.00284EPSS
Exploits1References4
NVD
NVD
added 2024/08/22 4:15 p.m.40 views

CVE-2024-45191

An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only...

5.3CVSS0.00454EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2024/08/22 4:15 p.m.16 views

CVE-2024-45193

An issue was discovered in Matrix libolm through 3.2.16. There is Ed25519 signature malleability due to lack of validation criteria does not ensure that S n. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the...

4.3CVSS5.9AI score0.00284EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2024/08/22 4:15 p.m.25 views

CVE-2024-45192

An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

5.3CVSS5.9AI score0.00536EPSS
Exploits1References5
OSV
OSV
added 2024/08/22 4:15 p.m.8 views

UBUNTU-CVE-2024-45192

An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

5.3CVSS5.8AI score0.00536EPSS
Exploits1References6
OSV
OSV
added 2024/08/22 4:15 p.m.4 views

UBUNTU-CVE-2024-45193

An issue was discovered in Matrix libolm through 3.2.16. There is Ed25519 signature malleability due to lack of validation criteria does not ensure that S n. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the...

4.3CVSS5.8AI score0.00284EPSS
Exploits1References6
Cvelist
Cvelist
added 2024/08/22 12:0 a.m.32 views

CVE-2024-45191

An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only...

0.00454EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/08/22 12:0 a.m.4 views

PT-2024-31476 · Matrix +1 · Libolm +1

Name of the Vulnerable Software and Affected Versions: Matrix libolm versions 3.2.16 and earlier Description: There is Ed25519 signature malleability due to lack of validation criteria in the libolm implementation of Olm, which does not ensure that S n. This issue only affects products that are n...

4.3CVSS6.8AI score0.00284EPSS
Exploits1References21
Debian CVE
Debian CVE
added 2024/08/22 12:0 a.m.58 views

CVE-2024-45192

An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...

5.3CVSS5.3AI score0.00536EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2024/08/22 12:0 a.m.16 views

CVE-2024-45191

An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only...

9.4AI score0.00454EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/08/22 12:0 a.m.5 views

Matrix libolm 安全漏洞

Matrix libolm olm is a cryptographic library from the Matrix Foundation. A security vulnerability exists in Matrix libolm version 3.2.16 and earlier versions, which stems from vulnerability to cache timing attacks...

5.3CVSS6.4AI score0.00454EPSS
Exploits1References5
Rows per page
Query Builder