Vulnerabilidades em matrix-org
80 resultadosCVE-2021-29432MEDIUMMalicious users could control the content of invitation emailsEPSS 0.9%CVE-2022-36059HIGHPrototype pollution in matrix-js-sdkEPSS 0.9%CVE-2022-39250HIGHMatrix JavaScript SDK vulnerable to key/device identifier confusion in SAS verificationEPSS 0.9%CVE-2021-29433MEDIUMDenial of service (via resource exhaustion) due to improper input validationEPSS 0.9%CVE-2021-21320LOWUser content sandbox can be confused into opening arbitrary documentsEPSS 0.9%CVE-2022-29166HIGHImproper handling of multiline messages in matrix-appservice-ircEPSS 0.9%CVE-2022-36060HIGHPrototype pollution in matrix-react-sdkEPSS 0.9%CVE-2022-31152MEDIUMSynapse vulnerable to denial of service (DoS) due to incorrect application of event authorization rulesEPSS 0.9%CVE-2023-43796MEDIUMSynapse vulnerable to leak of remote user device informationEPSS 0.9%CVE-2021-21392MEDIUMOpen redirect via transitional IPv6 addresses on dual-stack networksEPSS 0.9%CVE-2022-39251HIGHMatrix Javascript SDK vulnerable to Olm/Megolm protocol confusionEPSS 0.9%CVE-2021-39163LOWAdding a private/unlisted room to a community exposes room metadata in an unauthorised manner.EPSS 0.9%CVE-2024-50336MEDIUMmatrix-js-sdk has insufficient MXC URI validation which allows client-side path traversalEPSS 0.8%CVE-2022-41952MEDIUMUncontrolled Resource Consumption in Matrix Synapse EPSS 0.8%CVE-2023-38690MEDIUMmatrix-appservice-irc IRC command injection via admin commands containing newlines EPSS 0.8%CVE-2023-32682MEDIUMImproper checks for deactivated users during login in synapseEPSS 0.8%CVE-2022-39257HIGHMatrix iOS SDK vulnerable to impersonation via forwarded Megolm sessionsEPSS 0.7%CVE-2022-39255HIGHMatrix iOS SDK vulnerable ton Olm/Megolm protocol confusionEPSS 0.7%CVE-2022-39248HIGHmatrix-android-sdk2 vulnerable to Olm/Megolm protocol confusionEPSS 0.7%CVE-2023-28103HIGHPrototype pollution in matrix-react-sdkEPSS 0.7%