Lucene search
K

6 matches found

Vulnrichment
Vulnrichment
added 2025/07/10 6:28 p.m.4 views

CVE-2025-53549 Matrix Rust SDK allows SQL injection in the EventCache implementation

The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::findeventwithrelations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that...

7.7CVSS8AI score0.00254EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/12/03 12:0 a.m.4 views

Element Synapse 安全漏洞

Element Synapse is an open source Matrix Home Server implementation from Element Open Source. A security vulnerability exists in Element Synapse that stems from the Sliding Sync feature that may leak some room state changes to users who are no longer in the room...

4.3CVSS6.3AI score0.00427EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/04/23 5:26 p.m.19 views

CVE-2024-31208 Synapse's V2 state resolution weakness allows DoS from remote room members

Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...

6.5CVSS7.2AI score0.01463EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/04/23 5:26 p.m.54 views

CVE-2024-31208 Synapse's V2 state resolution weakness allows DoS from remote room members

Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...

6.5CVSS6.5AI score0.01463EPSS
Exploits0References6
PyPA
PyPA
added 2021/08/31 5:15 p.m.6 views

PYSEC-2021-425

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.5CVSS6.8AI score0.01457EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/08/31 5:15 p.m.1 views

UBUNTU-CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.1CVSS6.5AI score0.01457EPSS
Exploits0References6
Rows per page
Query Builder