Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5 matches found

UbuntuCve
UbuntuCveadded 2023/04/14 7:15 p.m.13 views

CVE-2023-29529

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

5.3CVSS6.1AI score0.00184EPSS
Exploits0References4
Cvelist
Cvelistadded 2023/04/14 6:21 p.m.11 views

CVE-2023-29529 matrix-js-sdk vulnerable to invisible eavesdropping in group calls

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

5CVSS5.3AI score0.00184EPSS
Exploits0References3
CVE
CVEadded 2023/04/14 6:21 p.m.58 views

CVE-2023-29529

Summary: CVE-2023-29529 affects matrix-js-sdk (Matrix Client-Server SDK for JavaScript/TypeScript) and describes a group-call eavesdropping vulnerability. The issue arises because the group call implementation accepts incoming direct calls from other users during an MSC3401 group call, even if th...

5.3CVSS4.9AI score0.00184EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2023/04/14 6:21 p.m.10 views

CVE-2023-29529 matrix-js-sdk vulnerable to invisible eavesdropping in group calls

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker...

5CVSS5.1AI score0.00184EPSS
Exploits0References5
OSV
OSVadded 2023/04/14 4:14 p.m.20 views

GHSA-6G67-Q39G-R79Q matrix-js-sdk vulnerable to invisible eavesdropping in group calls

Impact An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk users, the attacker will not appear to be participating in the call. This attack is possibl...

5CVSS4.9AI score0.00184EPSS
Exploits0References5
Rows per page
Query Builder