Vulnerabilities > Matrix > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-12 | CVE-2022-39200 | Improper Verification of Cryptographic Signature vulnerability in Matrix Dendrite Dendrite is a Matrix homeserver written in Go. | 5.3 |
| 2022-06-28 | CVE-2022-31052 | Uncontrolled Recursion vulnerability in multiple products Synapse is an open source home server implementation for the Matrix chat network. | 6.5 |
| 2021-09-13 | CVE-2021-40823 | Authentication Bypass by Spoofing vulnerability in Matrix Javascript SDK A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. | 5.9 |
| 2021-09-13 | CVE-2021-40824 | Authentication Bypass by Spoofing vulnerability in Matrix Element and Matrix-Android-Sdk2 A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 (aka Matrix SDK for Android) before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. | 5.9 |
| 2021-06-16 | CVE-2021-32659 | Missing Authentication for Critical Function vulnerability in Matrix Matrix-Appservice-Bridge Matrix-appservice-bridge is the bridging service for the Matrix communication program's application services. | 4.9 |
| 2021-05-11 | CVE-2021-29471 | Insufficient Entropy vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 5.3 |
| 2021-04-15 | CVE-2021-29432 | Unspecified vulnerability in Matrix Sydent Sydent is a reference matrix identity server. | 5.7 |
| 2021-04-15 | CVE-2021-29431 | Server-Side Request Forgery (SSRF) vulnerability in Matrix Sydent Sydent is a reference Matrix identity server. | 6.5 |
| 2021-04-15 | CVE-2021-29433 | Improper Input Validation vulnerability in Matrix Sydent Sydent is a reference Matrix identity server. | 4.3 |
| 2021-04-12 | CVE-2021-21393 | Improper Input Validation vulnerability in multiple products Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). | 6.5 |