22 matches found
EUVD-2021-1944
Malware in sbrugna...
EUVD-2022-4389
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-40823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an...
Logic error in Matrix SDK for Android
A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 aka Matrix SDK for Android before 1.2.2 leads to a situation where identity verification is inadequate and thus a key-requesting device can be impersonated...
GHSA-JJMC-4P83-PP26 Logic error in Matrix SDK for Android
A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 aka Matrix SDK for Android before 1.2.2 leads to a situation where identity verification is inadequate and thus a key-requesting device can be impersonated...
matrix-js-sdk can be tricked into disclosing E2EE room keys to a participating homeserver
Impact A logic error in the room key sharing functionality of matrix-js-sdk before 12.4.1 allows a malicious Matrix homeserver† participating in an encrypted room to steal room encryption keys from affected Matrix clients participating in that room. This allows the homeserver to decrypt end-to-en...
DEBIAN-CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
CVE-2021-40824
A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 aka Matrix SDK for Android before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were...
CVE-2021-40824
A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 aka Matrix SDK for Android before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were...
Code injection
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
Code injection
A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 aka Matrix SDK for Android before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were...
CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
UBUNTU-CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
CVE-2021-40824
A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 aka Matrix SDK for Android before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were...
CVE-2021-40823
CVE-2021-40823 affects matrix-js-sdk and related Element client variants. A logic error in the room key sharing functionality prior to version 12.4.1 allows a malicious Matrix homeserver participating in an encrypted room to steal room encryption keys originally sent by affected clients, enabling...
CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...
Matrix 加密问题漏洞
Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. A cryptographic issue vulnerability exists in versions of Matrix Javascript SDK prior to 12.4.1, which stems from a logic error in a device's room key sharing functionality that results in insufficient...
Element Android 加密问题漏洞
Element Android is the Android Matrix client provided by Element. A cryptographic issue vulnerability exists in Element Android prior to version 1.2.2 and matrix-android-sdk2 prior to version 1.2.2, which stems from a logic error in the device's room key sharing functionality that results in...