FreeBSD : Matrix clients -- Prototype pollution in matrix-js-sdk (5b0ae405-cdc7-11ed-bb39-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 5b0ae405-cdc7-11ed-bb39-901b0e9408dc advisory. - matrix-react-sdk is a Matrix chat protocol SDK for React Javascript. In certain...

FreeBSD : Matrix clients -- several vulnerabilities (cb902a77-3f43-11ed-9402-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the cb902a77-3f43-11ed-9402-901b0e9408dc advisory. - Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7....

FreeBSD : Matrix clients -- several vulnerabilities (e4d93d07-297a-11ed-95f8-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e4d93d07-297a-11ed-95f8-901b0e9408dc advisory. - Thunderbird users who use the Matrix chat protocol were vulnerable to a denial-of-service...

Information Disclosure

riot-web is vulnerable to information disclosure.A logic error in the room key sharing functionality of Element Android allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix...

FreeBSD : Matrix clients -- several vulnerabilities (93eb0e48-14ba-11ec-875e-901b0e9408dc)

Matrix developers report : Today we are disclosing a critical security issue affecting multiple Matrix clients and libraries including Element Web/Desktop/Android, FluffyChat, Nheko, Cinny, and SchildiChat. Specifically, in certain circumstances it may be possible to trick vulnerable clients into...

Matrix clients -- several vulnerabilities

Matrix developers report: Today we are disclosing a critical security issue affecting multiple Matrix clients and libraries including Element Web/Desktop/Android, FluffyChat, Nheko, Cinny, and SchildiChat. Specifically, in certain circumstances it may be possible to trick vulnerable clients into...

GHSA-4MP3-385R-V63F Denial of service attack due to invalid JSON

Impact A denial of service attack against Matrix clients can be exploited by sending an event including invalid JSON data to Synapse. Synapse would relay the data to clients which could crash or hang. Impact is long-lasting if the event is made part of the room state. Patches At a minimum 8106 an...

Denial of service attack due to invalid JSON

Impact A denial of service attack against Matrix clients can be exploited by sending an event including invalid JSON data to Synapse. Synapse would relay the data to clients which could crash or hang. Impact is long-lasting if the event is made part of the room state. Patches At a minimum 8106 an...