Lucene search
K

87 matches found

NVD
NVD
added 2022/09/28 5:15 p.m.16 views

CVE-2022-39236

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the...

5.3CVSS0.01001EPSS
Exploits0References5
OSV
OSV
added 2022/09/28 5:15 p.m.1 views

UBUNTU-CVE-2022-39236

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the...

5.3CVSS7AI score0.01001EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2022/09/28 5:15 p.m.29 views

CVE-2022-39236

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the...

5.3CVSS6.3AI score0.01001EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2022/09/28 12:0 a.m.27 views

CVE-2022-39236

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the...

5.3CVSS6.7AI score0.01001EPSS
Exploits0
Debian CVE
Debian CVE
added 2022/09/28 12:0 a.m.22 views

CVE-2022-39251

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a...

8.6CVSS8.2AI score0.00872EPSS
Exploits0
OSV
OSV
added 2022/09/28 12:0 a.m.26 views

CVE-2022-39249 Matrix Javascript SDK vulnerable to impersonation via forwarded Megolm sessions

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be...

7.5CVSS8.3AI score0.00946EPSS
Exploits0References8
Cvelist
Cvelist
added 2022/09/28 12:0 a.m.19 views

CVE-2022-39251 Matrix Javascript SDK vulnerable to Olm/Megolm protocol confusion

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a...

8.6CVSS8.2AI score0.00872EPSS
Exploits0References5
CVE
CVE
added 2022/09/28 12:0 a.m.137 views

CVE-2022-39251

The CVE-2022-39251 vulnerability affects the Matrix Javascript SDK (matrix-js-sdk) prior to version 19.7.0. It stems from a protocol confusion bug that allowed to‑device messages encrypted with Megolm to be accepted as Olm, enabling an attacker coordinating with a malicious homeserver to craft me...

8.6CVSS8AI score0.00872EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2022/09/28 12:0 a.m.129 views

CVE-2022-39236

CVE-2022-39236 affects the Matrix JavaScript SDK (matrix-js-sdk). Starting with version 17.1.0-rc.1, improperly formed beacon events (MSC3488) can disrupt or impede the matrix-js-sdk’s operation, potentially preventing safe data processing. The SDK may appear functional while excluding or corrupt...

5.3CVSS6.2AI score0.01001EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2022/09/28 12:0 a.m.23 views

CVE-2022-39249 Matrix Javascript SDK vulnerable to impersonation via forwarded Megolm sessions

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be...

7.5CVSS8.1AI score0.00946EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2022/09/28 12:0 a.m.4 views

CVE-2022-39236 Matrix Javascript SDK improper beacon events can cause availability issues

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the...

4.3CVSS5.2AI score0.01001EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2022/09/28 12:0 a.m.3 views

CVE-2022-39249 Matrix Javascript SDK vulnerable to impersonation via forwarded Megolm sessions

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be...

7.5CVSS7.4AI score0.00946EPSS
Exploits0References6
Cvelist
Cvelist
added 2022/09/28 12:0 a.m.25 views

CVE-2022-39236 Matrix Javascript SDK improper beacon events can cause availability issues

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the...

4.3CVSS6.9AI score0.01001EPSS
Exploits0References5
CVE
CVE
added 2022/09/28 12:0 a.m.136 views

CVE-2022-39249

CVE-2022-39249 affects the Matrix Javascript SDK (matrix-js-sdk) prior to 19.7.0. A malicious homeserver can coordinate to craft messages that appear from another user due to a permissive key-forwarding policy. Starting with 19.7.0, the default policy was tightened to only accept forwarded keys i...

7.5CVSS7.9AI score0.00946EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/28 12:0 a.m.6 views

CVE-2022-39251 Matrix Javascript SDK vulnerable to Olm/Megolm protocol confusion

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a...

8.6CVSS8.5AI score0.00872EPSS
Exploits0References5
OSV
OSV
added 2022/09/28 12:0 a.m.21 views

CVE-2022-39236 Matrix Javascript SDK improper beacon events can cause availability issues

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the...

4.3CVSS7AI score0.01001EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 2022/09/28 12:0 a.m.52 views

CVE-2022-39249

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be...

7.5CVSS8.1AI score0.00946EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2022/09/28 12:0 a.m.63 views

CVE-2022-39236

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the...

5.3CVSS6.5AI score0.01001EPSS
Exploits0
OSV
OSV
added 2022/09/28 12:0 a.m.20 views

CVE-2022-39251 Matrix Javascript SDK vulnerable to Olm/Megolm protocol confusion

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a...

8.6CVSS8.3AI score0.00872EPSS
Exploits0References7
OSV
OSV
added 2022/09/01 12:0 a.m.1 views

UBUNTU-CVE-2022-36059

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data...

8.2CVSS6.7AI score0.0094EPSS
Exploits0References6
Rows per page
Query Builder