Published: 28/03/2023 Updated: 05/04/2023

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 0

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions before 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This issue has been fixed in matrix-js-sdk 19.4.0 and users are advised to upgrade. Users unable to upgrade may mitigate this issue by redacting applicable events, waiting for the sync processor to store data, and restarting the client. Alternatively, redacting the applicable events and clearing all storage will often fix most perceived issues. In some cases, no workarounds are possible.

Vulnerable Product	Search on Vulmon	Subscribe to Product
matrix javascript sdk

Debian Bug report logs - #1018970 node-matrix-js-sdk: CVE-2022-36059 Package: src:node-matrix-js-sdk; Maintainer for src:node-matrix-js-sdk is Matrix Packaging Team <pkg-matrix-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 2 Sep 2022 19:33:02 UTC Severity: gra ...

Several security issues were fixed in Thunderbird ...

Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for thunderbird is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as h ...

Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for thunderbird is now available for Red Hat Enterprise Linux 81 Update Services for SAP SolutionsRed Hat Product ...

Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for thunderbird is now available for Red Hat Enterprise Linux 82 Extended Update SupportRed Hat Product Security ...

Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for thunderbird is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as h ...

Synopsis Important: thunderbird security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for thunderbird is now available for Red Hat Enterprise Linux 84 Extended Update SupportRed Hat Product Security ...

Mozilla Foundation Security Advisory 2022-38 Security Vulnerabilities fixed in Thunderbird 10221 Announced August 31, 2022 Impact high Products Thunderbird Fixed in Thunderbird 10221 ...

CWE-1321 https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-rfv9-x7hh-xc32 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018970 https://ubuntu.com/security/notices/USN-5663-1 https://nvd.nist.gov

CVE-2022-36059

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect