Skip to main content

Javascript Sdk

9 CVEs product

Monthly

CVE-2024-42369 npm MEDIUM PATCH This Month

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Javascript Sdk
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-29529 npm MEDIUM PATCH This Month

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Javascript Sdk
NVD GitHub
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-28427 npm HIGH PATCH This Week

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Prototype Pollution Javascript Sdk
NVD GitHub
CVSS 3.1
8.2
EPSS
1.2%
CVE-2022-39250 npm HIGH PATCH This Week

Matrix JavaScript SDK is the Matrix Client-Server software development kit (SDK) for JavaScript. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Javascript Sdk
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-39251 npm HIGH PATCH This Week

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Javascript Sdk
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-39249 npm HIGH PATCH This Week

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Javascript Sdk
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-39236 npm MEDIUM PATCH This Month

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Javascript Sdk
NVD GitHub
CVSS 3.1
5.3
EPSS
1.0%
CVE-2021-44538 CRITICAL PATCH Act Now

The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Element Javascript Sdk Olm Schildichat +2
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-40823 npm MEDIUM PATCH This Month

A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Javascript Sdk
NVD GitHub
CVSS 3.1
5.9
EPSS
0.7%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Javascript Sdk
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Javascript Sdk
NVD GitHub
EPSS 1% CVSS 8.2
HIGH PATCH This Week

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Prototype Pollution Javascript Sdk
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Matrix JavaScript SDK is the Matrix Client-Server software development kit (SDK) for JavaScript. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Javascript Sdk
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Javascript Sdk
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Javascript Sdk
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Javascript Sdk
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Element Javascript Sdk +4
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Javascript Sdk
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy