All 2 CVE vulnerabilities found in matrix-appservice-bridge, with AI-generated Chinese analysis, references, and POCs.
Vendor: matrix-org
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2023-38691 | matrix-appservice-bridge doesn't verify the sub parameter of an openId token exhange, allowing unauthorized access to provisioning APIs CWE-287 | 5.0 | Medium | 2023-08-04 |
| CVE-2021-32659 | Automatic room upgrade handling can be used maliciously to bridge a room non-consentually CWE-306 | 6.5 | Medium | 2021-06-16 |
All 2 known CVE vulnerabilities affecting matrix-appservice-bridge with full Chinese analysis, references, and POCs where available.