CVE-2024-47080

CVE-2024-47080 affects matrix-js-sdk (Matrix Client-Server SDK for JavaScript/TypeScript). In versions 9.11.0–34.7.0, MatrixClient.sendSharedHistoryKeys is vulnerable to interception by malicious homeservers because it unconditionally sends shared history keys to all invited devices, regardless o...