Every CVE whose affected-product data names Matrix Javascript Sdk, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2021-44538 — CVSS 9.8 (critical): The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a…
CVE-2022-39251 — CVSS 8.6 (high): Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious…
CVE-2022-39250 — CVSS 8.6 (high): Matrix JavaScript SDK is the Matrix Client-Server software development kit (SDK) for JavaScript. Prior to version 19.7.0, an attacker…
CVE-2022-36059 — CVSS 8.2 (high): matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings…
CVE-2023-28427 — CVSS 8.2 (high): matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings…
CVE-2022-39249 — CVSS 7.5 (high): Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Prior to version 19.7.0, an attacker cooperating with a malicious…
CVE-2021-40823 — CVSS 5.9 (medium): A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix…
CVE-2023-29529 — CVSS 5.0 (medium): matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is…
CVE-2022-39236 — CVSS 4.3 (medium): Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events…
CVE-2024-42369 — CVSS 4.1 (medium): matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure…