Vulnerabilities > Matrix > Javascript SDK > 0.2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-13 | CVE-2021-40823 | Authentication Bypass by Spoofing vulnerability in Matrix Javascript SDK A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. | 5.9 |