Matrix-js-sdk
This hub aggregates every CVE we track for Matrix-js-sdk, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
10
CVEs tracked
0
Critical
5
High
0
In CISA KEV
Severity distribution
HIGH5MEDIUM5
Monthly trend
0
1
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 10 most recently published vulnerabilities affecting Matrix-js-sdk.
- CVE-2024-47080matrix-js-sdk keys sent via `sendSharedHistoryKeys` vulnerable to interception by malicious homeserver5.3
- CVE-2024-42369A room with itself as a its predecessor will freeze matrix-js-sdk4.1
- CVE-2023-29529matrix-js-sdk vulnerable to invisible eavesdropping in group calls5.0
- CVE-2023-28427Prototype pollution in matrix-js-sdk8.2
- CVE-2022-36059Prototype pollution in matrix-js-sdk8.2
- CVE-2022-39250Matrix JavaScript SDK vulnerable to key/device identifier confusion in SAS verification8.6
- CVE-2022-39251Matrix Javascript SDK vulnerable to Olm/Megolm protocol confusion8.6
- CVE-2022-39249Matrix Javascript SDK vulnerable to impersonation via forwarded Megolm sessions7.5
- CVE-2022-39236Matrix Javascript SDK improper beacon events can cause availability issues4.3
- CVE-2021-40823A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryp...5.9
Product normalization is registry-driven with AI assist and human review. How it works