Lucene search
PRIOn knowledge basePRION:CVE-2023-28427HistoryMar 28, 2023 - 9:15 p.m.
Design/Logic Flaw
2023-03-2821:15:00
PRIOn knowledge base
www.prio-n.com
4
matrix-js-sdk
javascript
client-server
vulnerability
upgrade
data safety
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer’s ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This vulnerability is distinct from GHSA-rfv9-x7hh-xc32 which covers a similar issue. The issue has been patched in matrix-js-sdk 24.0.0 and users are advised to upgrade. There are no known workarounds for this vulnerability.
| CPE | Name | Operator | Version |
|---|---|---|---|
| javascript_sdk | lt | 24.0.0 |
References
Related
kaspersky
kaspersky
KLA48708 DoS vulnerability in Mozilla Thunderbird
2023-03-28 00:00:00
nessus
nessus
Fedora 38 : thunderbird (2023-a9c17dff60)
2023-04-04 00:00:00
Fedora 36 : thunderbird (2023-0e1ae0d5f6)
2023-04-14 00:00:00
Mozilla Thunderbird < 102.9.1
2023-03-29 00:00:00
mageia
mageia
Updated thunderbird packages fix security vulnerability
2023-04-11 22:02:20
nvd
nvd
CVE-2023-28427
2023-03-28 21:15:11
alpinelinux
alpinelinux
CVE-2023-28427
2023-03-28 21:15:11
openvas
openvas
Mozilla Thunderbird Security Advisory (MFSA2023-12) - Mac OS X
2023-03-31 00:00:00
Mageia: Security Advisory (MGASA-2023-0132)
2023-04-12 00:00:00
Slackware: Security Advisory (SSA:2023-088-01)
2023-03-30 00:00:00
debiancve
debiancve
CVE-2023-28427
2023-03-28 21:15:11
slackware
slackware
[slackware-security] mozilla-thunderbird
2023-03-29 21:19:17
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 102.9.1 — Mozilla
2023-03-28 00:00:00
veracode
veracode
Prototype Pollution
2023-04-04 09:55:51
osv
osv
CVE-2023-28427
2023-03-28 21:15:11
Prototype pollution in matrix-js-sdk (part 2)
2023-03-30 20:19:18
Important: thunderbird security update
2023-04-26 15:29:00
cvelist
cvelist
CVE-2023-28427 Prototype pollution in matrix-js-sdk
2023-03-28 20:32:22
cve
cve
CVE-2023-28427
2023-03-28 21:15:11
ubuntucve
ubuntucve
CVE-2023-28427
2023-03-28 00:00:00
redhatcve
redhatcve
CVE-2023-28427
2023-03-30 17:43:02
github
github
Prototype pollution in matrix-js-sdk (part 2)
2023-03-30 20:19:18
freebsd
freebsd
Matrix clients -- Prototype pollution in matrix-js-sdk
2023-03-28 00:00:00
debian
debian
[SECURITY] [DSA 5392-1] thunderbird security update
2023-04-22 16:10:59
[SECURITY] [DLA 3400-1] thunderbird security update
2023-04-24 08:55:14
oraclelinux
oraclelinux
thunderbird security update
2023-04-18 00:00:00
thunderbird security update
2023-04-18 00:00:00
thunderbird security update
2023-04-18 00:00:00
redhat
redhat
(RHSA-2023:1811) Important: thunderbird security update
2023-04-17 13:56:30
(RHSA-2023:1803) Important: thunderbird security update
2023-04-17 13:43:22
(RHSA-2023:1806) Important: thunderbird security update
2023-04-17 13:46:23
centos
centos
thunderbird security update
2023-04-24 14:49:28
rocky
rocky
thunderbird security update
2023-04-26 15:29:00
thunderbird security update
2023-04-26 15:28:13
almalinux
almalinux
Important: thunderbird security update
2023-04-17 00:00:00
Important: thunderbird security update
2023-04-17 00:00:00
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2023-05-30 00:00:00