Matrix-react-sdk
This hub aggregates every CVE we track for Matrix-react-sdk, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
8
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
MEDIUM4HIGH3LOW1
Monthly trend
0
1
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 8 most recently published vulnerabilities affecting Matrix-react-sdk.
- CVE-2024-47824Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room5.3
- CVE-2024-42347URL preview setting for a room is controllable by the homeserver in matrix-react-sdk7.7
- CVE-2023-37259Cross site scripting in Export Chat feature6.1
- CVE-2023-30609matrix-react-sdk vulnerable to HTML injection in search results via plaintext message highlighting5.4
- CVE-2022-36060Prototype pollution in matrix-react-sdk8.2
- CVE-2023-28103Prototype pollution in matrix-react-sdk8.2
- CVE-2021-32622File upload local preview can run embedded scripts after user interaction4.2
- CVE-2021-21320User content sandbox can be confused into opening arbitrary documents2.6
Product normalization is registry-driven with AI assist and human review. How it works