FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Matrix clients -- several vulnerabilities

Affected packages
cinny < 2.1.3
element-web < 1.11.4

Details

VuXML ID e4d93d07-297a-11ed-95f8-901b0e9408dc
Discovery 2022-08-31
Entry 2022-08-31

Matrix developers report:

The vulnerabilities give an adversary who you share a room with the ability to carry out a denial-of-service attack against the affected clients, making it not show all of a user's rooms or spaces and/or causing minor temporary corruption.

[source]

References

CVE Name CVE-2022-36059
CVE Name CVE-2022-36060
URL https://matrix.org/blog/2022/08/31/security-releases-matrix-js-sdk-19-4-0-and-matrix-react-sdk-3-53-0

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.