Lucene search
MitreCVELIST:CVE-2021-40823HistorySep 13, 2021 - 6:45 p.m.
CVE-2021-40823
2021-09-1318:45:50
mitre
www.cve.org
3
logic error
room key sharing
theft of encryption keys
matrix javascript sdk
encrypted room
A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. This allows the homeserver to decrypt end-to-end encrypted messages sent by affected clients.
Related
osv
osv
matrix-js-sdk can be tricked into disclosing E2EE room keys to a participating homeserver
2021-09-14 20:24:18
CVE-2021-40823
2021-09-13 19:15:19
alpinelinux
alpinelinux
CVE-2021-40823
2021-09-13 19:15:19
archlinux
archlinux
[ASA-202109-4] element-desktop: information disclosure
2021-09-14 00:00:00
[ASA-202109-5] element-web: information disclosure
2021-09-14 00:00:00
github
github
prion
prion
Code injection
2021-09-13 19:15:00
debiancve
debiancve
CVE-2021-40823
2021-09-13 19:15:19
ubuntucve
ubuntucve
CVE-2021-40823
2021-09-13 00:00:00
nvd
nvd
CVE-2021-40823
2021-09-13 19:15:19
cve
cve
CVE-2021-40823
2021-09-13 19:15:19
nessus
nessus
freebsd
freebsd
Matrix clients -- several vulnerabilities
2021-08-23 00:00:00