OsVault/npm/matrix-js-sdk
npm

matrix-js-sdk

10 known vulnerabilities · 0 critical · 5 high

CVE-2022-39236MEDIUM

Improper beacon events in matrix-js-sdk can result in availability issues

Published Sep 29, 2022
CVE-2021-40823MEDIUM

matrix-js-sdk can be tricked into disclosing E2EE room keys to a participating homeserver

Published Sep 14, 2021
CVE-2022-36059HIGH

matrix-js-sdk Prototype Pollution vulnerability

Published Mar 28, 2023
CVE-2024-42369MEDIUM

matrix-js-sdk will freeze when a user sets a room with itself as a its predecessor

Published Aug 20, 2024
CVE-2022-39250HIGH

matrix-js-sdk subject to user impersonation due to key/device identifier confusion in SAS verification

Published Sep 30, 2022
CVE-2024-47080

Matrix JavaScript SDK's key history sharing could share keys to malicious devices

Published Oct 15, 2024
CVE-2023-29529MEDIUM

matrix-js-sdk vulnerable to invisible eavesdropping in group calls

Published Apr 14, 2023
CVE-2022-39249HIGH

matrix-js-sdk subject to impersonated messages due to permissive key forwarding

Published Sep 30, 2022
CVE-2023-28427HIGH

Prototype pollution in matrix-js-sdk (part 2)

Published Mar 30, 2023
CVE-2022-39251HIGH

matrix-js-sdk subject to user spoofing via Olm/Megolm protocol confusion

Published Sep 30, 2022
Check your entire dependency tree at onceRun dependency scan →