2 matches found
CVE-2023-29529
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...
CVE-2023-40108
CVE-2023-40108 describes an information-disclosure vulnerability in Google Android where a lack of permission checking can allow access to media content belonging to other users without executing code or requiring user interaction. The CVE notes a local access vector with medium base score (5.5) ...