[FREEBSD:CB902A77-3F43-11ED-9402-901B0E9408DC] Matrix clients -- several vulnerabilities
Severity
High
Affected Packages
2
CVEs
4
Matrix developers report:
Two critical severity vulnerabilities in end-to-end encryption were
found in the SDKs which power Element, Beeper, Cinny, SchildiChat,
Circuli, Synod.im and any other clients based on matrix-js-sdk,
matrix-ios-sdk or matrix-android-sdk2.
Package | Affected Version |
---|---|
pkg:freebsd/element-web | < 1.11.7 |
pkg:freebsd/cinny | < 2.2.1 |
- ID
- FREEBSD:CB902A77-3F43-11ED-9402-901B0E9408DC
- Severity
- high
- Severity from
- CVE-2022-39249
- URL
- http://vuxml.freebsd.org/freebsd/cb902a77-3f43-11ed-9402-901b0e9408dc.html
- Published
-
2022-09-23T00:00:00
(2 years ago) - Modified
-
2022-09-28T00:00:00
(2 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALAS2-2022-1900
- ALPINE:CVE-2022-39236
- ALPINE:CVE-2022-39249
- ALPINE:CVE-2022-39250
- ALPINE:CVE-2022-39251
- ALSA-2022:7178
- ALSA-2022:7190
- ELSA-2022-7178
- ELSA-2022-7184
- ELSA-2022-7190
- GLSA-202210-35
- MFSA-2022-43
- NPM:GHSA-5W8R-8PGJ-5JMF
- NPM:GHSA-6263-X97C-C4GG
- NPM:GHSA-HVV8-5V86-R45X
- NPM:GHSA-R48R-J8FX-MQ2C
- RHSA-2022:7178
- RHSA-2022:7184
- RHSA-2022:7190
- RLSA-2022:7190
- SSA:2022-273-01
- SUSE-SU-2022:3800-1
- USN-5724-1
Source | # ID | Name | URL |
---|---|---|---|
FreeBSD VuXML | https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/element-web | element-web | < 1.11.7 | ||||
Affected | pkg:freebsd/cinny | cinny | < 2.2.1 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |