Vulnerabilities > Matrix > Javascript SDK > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-14 CVE-2023-29529 Unspecified vulnerability in Matrix Javascript SDK
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript.
network
low complexity
matrix
5.3
5.3
2022-09-28 CVE-2022-39236 Unspecified vulnerability in Matrix Javascript SDK
Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript.
network
low complexity
matrix
5.3
5.3
2021-09-13 CVE-2021-40823 Authentication Bypass by Spoofing vulnerability in Matrix Javascript SDK
A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room.
network
high complexity
matrix CWE-290
5.9
5.9