131 matches found
EUVD-2022-4389
Malicious code in bioql PyPI...
EUVD-2025-21024
Malicious code in bioql PyPI...
EUVD-2024-1554
Malicious code in bioql PyPI...
EUVD-2022-41768
Malicious code in bioql PyPI...
EUVD-2025-28979
Malicious code in bioql PyPI...
CVE-2025-59160
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...
CVE-2025-59160 matrix-js-sdk has insufficient validation when considering a room to be upgraded by another
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...
GHSA-QHJ8-Q5R6-8Q6J matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method
In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min. Patches The issue is fixed in matrix-sdk-base 0.14.1. Workarounds The affected method isn’t used internally, so avoiding calling...
matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method
In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min. Patches The issue is fixed in matrix-sdk-base 0.14.1. Workarounds The affected method isn’t used internally, so avoiding calling...
CVE-2025-59047
matrix-sdk-base is the base component to build a Matrix client library. In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min. The issue is fixed in matrix-sdk-base 0.14.1. The affected method isn’t...
CVE-2025-59047 matrix-sdk-base has panic in the `RoomMember::normalized_power_level()` method
matrix-sdk-base is the base component to build a Matrix client library. In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min. The issue is fixed in matrix-sdk-base 0.14.1. The affected method isn’t...
CVE-2025-59047
matrix-sdk-base (pre-0.14.1) has a panic in RoomMember::normalized_power_level() when a member’s power level is Int::Min. The issue is fixed in matrix-sdk-base 0.14.1. The affected method isn’t used internally, so avoiding calls to RoomMember::normalized_power_level() can prevent the panic; upgra...
CVE-2025-59047 matrix-sdk-base has panic in the `RoomMember::normalized_power_level()` method
matrix-sdk-base is the base component to build a Matrix client library. In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min. The issue is fixed in matrix-sdk-base 0.14.1. The affected method isn’t...
RUSTSEC-2025-0065 matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method
In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min...
RUSTSEC-2025-0000 matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method
In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min...
matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method
In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min...
matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method
In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min...
PT-2025-37250
Name of the Vulnerable Software and Affected Versions: matrix-sdk-base versions prior to 0.14.1 Description: A panic can occur when calling the RoomMember::normalized power level method if a room member has a power level of Int::Min. Recommendations: Update to version 0.14.1 or later...
GHSA-275G-G844-73JH Matrix Rust SDK vulnerable to SQL Injection through its EventCache implementation
An SQL injection vulnerability in the EventCache::findeventwithrelations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that directly pass relation types provided by those room members into this method, when used with the defau...
Matrix Rust SDK vulnerable to SQL Injection through its EventCache implementation
An SQL injection vulnerability in the EventCache::findeventwithrelations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that directly pass relation types provided by those room members into this method, when used with the defau...