8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
0.004 Low
EPSS
Percentile
73.1%
The Mozilla Foundation Security Advisory describes this flaw as: Thunderbird users who use the Matrix chat protocol were vulnerable to a denial-of-service attack.
bugzilla.redhat.com/show_bug.cgi?id=2183278
github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-mwq8-fjpf-c2gr
matrix.org/blog/2023/03/28/security-releases-matrix-js-sdk-24-0-0-and-matrix-react-sdk-3-69-0
nvd.nist.gov/vuln/detail/CVE-2023-28427
www.cve.org/CVERecord?id=CVE-2023-28427
www.mozilla.org/en-US/security/advisories/mfsa2023-12/#CVE-2023-28427