Vulnerabilities > Matrix
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-20 | CVE-2024-42369 | Uncontrolled Recursion vulnerability in Matrix Javascript SDK matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. | 5.3 |
| 2024-08-06 | CVE-2024-42347 | Unspecified vulnerability in Matrix Matrix-React-Sdk matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. | 6.5 |
| 2023-10-31 | CVE-2023-43796 | Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users can be queried from Synapse. | 5.3 |
| 2023-10-10 | CVE-2023-45129 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. | 4.9 |
| 2023-09-27 | CVE-2023-43656 | Unspecified vulnerability in Matrix Hookshot matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. | 9.0 |
| 2023-09-27 | CVE-2023-41335 | Cleartext Storage of Sensitive Information vulnerability in multiple products Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. | 3.7 |
| 2023-09-27 | CVE-2023-42453 | Improper Authorization vulnerability in multiple products Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. | 4.3 |
| 2023-08-04 | CVE-2023-38700 | Unspecified vulnerability in Matrix IRC Bridge matrix-appservice-irc is a Node.js IRC bridge for Matrix. | 3.7 |
| 2023-08-04 | CVE-2023-38690 | Command Injection vulnerability in Matrix IRC Bridge matrix-appservice-irc is a Node.js IRC bridge for Matrix. | 9.8 |
| 2023-08-04 | CVE-2023-38691 | Improper Authentication vulnerability in Matrix Matrix-Appservice-Bridge matrix-appservice-bridge provides an API for setting up bridges. | 6.5 |