Lucene search
Veracode Vulnerability DatabaseVERACODE:37332HistorySep 29, 2022 - 7:18 a.m.
Denial Of Service (DoS)
2022-09-2907:18:16
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
matrix-js-sdk
denial of service
vulnerability
senderkey
beacon events
malicious event
0.001 Low
EPSS
Percentile
50.1%
matrix-js-sdk is vulnerable to denial of service attacks. The vulnerability exists in the senderKey parameter inmegolm.js due to improperly formed beacon events which allows an attacker to craft a malicious event and crash the system.
References
github.com/matrix-org/matrix-js-sdk/commit/a587d7c36026fe1fcf93dfff63588abee359be76
github.com/matrix-org/matrix-js-sdk/releases/tag/v19.7.0
github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-hvv8-5v86-r45x
github.com/matrix-org/matrix-spec-proposals/pull/3488
security.gentoo.org/glsa/202210-35
Related
alpinelinux
alpinelinux
CVE-2022-39236
2022-09-28 17:15:11
prion
prion
Design/Logic Flaw
2022-09-28 17:15:00
github
github
Improper beacon events in matrix-js-sdk can result in availability issues
2022-09-29 14:36:38
osv
osv
Improper beacon events in matrix-js-sdk can result in availability issues
2022-09-29 14:36:38
CVE-2022-39236
2022-09-28 17:15:11
Important: thunderbird security update
2022-10-25 00:00:00
redhatcve
redhatcve
CVE-2022-39236
2022-10-17 14:18:37
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2022-39236
2022-09-28 00:00:00
cve
cve
CVE-2022-39236
2022-09-28 17:15:11
nvd
nvd
CVE-2022-39236
2022-09-28 17:15:11
debiancve
debiancve
CVE-2022-39236
2022-09-28 17:15:11
openvas
openvas
Mageia: Security Advisory (MGASA-2022-0355)
2022-10-03 00:00:00
Mozilla Thunderbird Security Advisory (MFSA2022-43) - Mac OS X
2022-09-30 00:00:00
Slackware: Security Advisory (SSA:2022-273-01)
2022-10-03 00:00:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2022-09-30 18:00:22
nessus
nessus
Mozilla Thunderbird < 102.3.1
2022-09-29 00:00:00
Fedora 36 : thunderbird (2022-df4ffc6551)
2022-12-22 00:00:00
kaspersky
kaspersky
KLA19266 Multiple vulnerabilities in Mozilla Thunderbird
2022-09-28 00:00:00
freebsd
freebsd
Matrix clients -- several vulnerabilities
2022-09-23 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package thunderbird version 102.3.1-alt1
2022-10-10 00:00:00
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 102.3.1 — Mozilla
2022-09-28 00:00:00
mageia
mageia
Updated thunderbird packages fix security vulnerability
2022-10-01 20:48:24
almalinux
almalinux
Important: thunderbird security update
2022-10-25 00:00:00
Important: thunderbird security update
2022-10-25 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2022-10-27 00:00:00
thunderbird security update
2022-10-27 00:00:00
thunderbird security update
2022-10-27 00:00:00
redhat
redhat
(RHSA-2022:7178) Important: thunderbird security update
2022-10-25 13:48:26
(RHSA-2022:7181) Important: thunderbird security update
2022-10-25 14:12:25
(RHSA-2022:7183) Important: thunderbird security update
2022-10-25 14:13:27
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2022-10-31 00:00:00
rocky
rocky
thunderbird security update
2022-10-25 14:29:50
suse
suse
Security update for MozillaThunderbird (important)
2022-10-27 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2022-11-11 00:00:00
amazon
amazon
Important: thunderbird
2022-12-01 20:32:00
Important: thunderbird
2022-12-01 20:32:00