| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-39257 | Matrix iOS SDK vulnerable to impersonation via forwarded Megolm sessions | matrix-org | matrix-ios-sdk | High | 7.5 | 2022-09-28 20:55:10 | Deep Dive |
| CVE-2022-39255 | Matrix iOS SDK vulnerable ton Olm/Megolm protocol confusion | matrix-org | matrix-ios-sdk | High | 8.6 | 2022-09-28 20:35:10 | Deep Dive |
| CVE-2022-39248 | matrix-android-sdk2 vulnerable to Olm/Megolm protocol confusion | matrix-org | matrix-android-sdk2 | High | 8.6 | 2022-09-28 20:05:12 | Deep Dive |
| CVE-2022-39246 | matrix-android-sdk2 vulnerable to impersonation via forwarded Megolm sessions | matrix-org | matrix-android-sdk2 | High | 7.5 | 2022-09-28 20:00:19 | Deep Dive |
| CVE-2022-39236 | Matrix Javascript SDK improper beacon events can cause availability issues | matrix-org | matrix-js-sdk | Medium | 4.3 | 2022-09-28 00:00:00 | Deep Dive |
| CVE-2022-39249 | Matrix Javascript SDK vulnerable to impersonation via forwarded Megolm sessions | matrix-org | matrix-js-sdk | High | 7.5 | 2022-09-28 00:00:00 | Deep Dive |
| CVE-2022-39251 | Matrix Javascript SDK vulnerable to Olm/Megolm protocol confusion | matrix-org | matrix-js-sdk | High | 8.6 | 2022-09-28 00:00:00 | Deep Dive |
| CVE-2022-39203 | Parsing issue in matrix-org/node-irc leading to room takeovers | matrix-org | matrix-appservice-irc | High | 8.8 | 2022-09-13 18:15:12 | Deep Dive |
| CVE-2022-39202 | IRC mode parameter confusion in matrix-appservice-irc | matrix-org | matrix-appservice-irc | Medium | 4.3 | 2022-09-13 18:10:15 | Deep Dive |
| CVE-2022-39200 | Signature checks not applied to some retrieved missing events | matrix-org | dendrite | High | 7.3 | 2022-09-12 20:10:09 | Deep Dive |
| CVE-2022-31152 | Synapse vulnerable to denial of service (DoS) due to incorrect application of event authorization rules | matrix-org | synapse | Medium | 6.4 | 2022-09-02 20:00:16 | Deep Dive |
| CVE-2022-36009 | Incorrect parsing of access level in gomatrixserverlib and dendrite | matrix-org | gomatrixserverlib | Medium | 5.0 | 2022-08-19 20:35:09 | Deep Dive |
| CVE-2022-34789 | Jenkins Plugin Matrix Reloaded 跨站请求伪造漏洞 | Jenkins project | Jenkins Matrix Reloaded Plugin | 中危 | - | 2022-06-30 17:47:04 | Deep Dive |
| CVE-2022-34788 | Jenkins Plugin Matrix Reloaded 跨站脚本漏洞 | Jenkins project | Jenkins Matrix Reloaded Plugin | 中危 | - | 2022-06-30 17:46:56 | Deep Dive |
| CVE-2022-31052 | URL previews can crash Synapse media repositories or Synapse monoliths | matrix-org | synapse | Medium | 6.5 | 2022-06-28 17:10:11 | Deep Dive |
| CVE-2022-29166 | Improper handling of multiline messages in matrix-appservice-irc | matrix-org | matrix-appservice-irc | High | 8.0 | 2022-05-05 23:05:14 | Deep Dive |
| CVE-2022-20615 | Jenkins Plugin 跨站脚本漏洞 | Jenkins project | Jenkins Matrix Project Plugin | 中危 | - | 2022-01-12 19:05:49 | Deep Dive |
| CVE-2021-41281 | Path traversal in Matrix Synapse | matrix-org | synapse | High | 7.5 | 2021-11-23 19:15:18 | Deep Dive |
| CVE-2021-39164 | Improper authorisation of /members discloses room membership to non-members | matrix-org | synapse | Low | 3.1 | 2021-08-31 16:20:10 | Deep Dive |
| CVE-2021-39163 | Adding a private/unlisted room to a community exposes room metadata in an unauthorised manner. | matrix-org | synapse | Low | 3.1 | 2021-08-31 16:00:11 | Deep Dive |