Vulnerabilities > Matrix > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-09-12 CVE-2022-39200 Unspecified vulnerability in Matrix Dendrite
Dendrite is a Matrix homeserver written in Go.
network
low complexity
matrix
5.3
2022-06-28 CVE-2022-31052 Synapse is an open source home server implementation for the Matrix chat network.
network
low complexity
matrix fedoraproject
6.5
2021-09-13 CVE-2021-40823 Authentication Bypass by Spoofing vulnerability in Matrix Javascript SDK
A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room.
network
high complexity
matrix CWE-290
5.9
2021-09-13 CVE-2021-40824 Authentication Bypass by Spoofing vulnerability in Matrix Element and Matrix-Android-Sdk2
A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 (aka Matrix SDK for Android) before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room.
network
high complexity
matrix CWE-290
5.9
2021-06-16 CVE-2021-32659 Unspecified vulnerability in Matrix Matrix-Appservice-Bridge
Matrix-appservice-bridge is the bridging service for the Matrix communication program's application services.
network
low complexity
matrix
4.9
2021-05-11 CVE-2021-29471 Insufficient Entropy vulnerability in multiple products
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).
network
low complexity
matrix fedoraproject CWE-331
5.3
2021-04-15 CVE-2021-29432 Unspecified vulnerability in Matrix Sydent
Sydent is a reference matrix identity server.
network
low complexity
matrix
5.7
2021-04-15 CVE-2021-29431 Unspecified vulnerability in Matrix Sydent
Sydent is a reference Matrix identity server.
network
low complexity
matrix
6.5
2021-04-15 CVE-2021-29433 Unspecified vulnerability in Matrix Sydent
Sydent is a reference Matrix identity server.
network
low complexity
matrix
4.3
2021-04-12 CVE-2021-21393 Improper Input Validation vulnerability in multiple products
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse).
network
low complexity
matrix fedoraproject CWE-20
6.5