Lucene search
Veracode Vulnerability DatabaseVERACODE:37340HistorySep 29, 2022 - 7:20 p.m.
Impersonation Via Forwarded Sessions
2022-09-2919:20:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
impersonation
forwarded sessions
matrix sdk
vulnerability
malicious homeserver
0.001 Low
EPSS
Percentile
47.4%
Matrix SDK is vulnerable to message impersonation. An attacker with a malicious homeserver can construct messages appearing to have come from a specific person.
References
github.com/matrix-org/matrix-js-sdk/commit/a587d7c36026fe1fcf93dfff63588abee359be76
github.com/matrix-org/matrix-js-sdk/releases/tag/v19.7.0
github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-6263-x97c-c4gg
github.com/matrix-org/matrix-spec-proposals/pull/3061
matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients
security.gentoo.org/glsa/202210-35
Related
ubuntucve
ubuntucve
CVE-2022-39249
2022-09-28 00:00:00
nvd
nvd
CVE-2022-39249
2022-09-28 20:15:16
cve
cve
CVE-2022-39249
2022-09-28 20:15:16
redhatcve
redhatcve
CVE-2022-39249
2022-10-17 14:18:48
debiancve
debiancve
CVE-2022-39249
2022-09-28 20:15:16
osv
osv
CVE-2022-39249
2022-09-28 20:15:16
Important: thunderbird security update
2022-10-25 00:00:00
prion
prion
Design/Logic Flaw
2022-09-28 20:15:00
alpinelinux
alpinelinux
CVE-2022-39249
2022-09-28 20:15:16
github
github
cvelist
cvelist
freebsd
freebsd
Matrix clients -- several vulnerabilities
2022-09-23 00:00:00
nessus
nessus
Mozilla Thunderbird < 102.3.1
2022-09-29 00:00:00
Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2022-273-01)
2022-09-30 00:00:00
Fedora 36 : thunderbird (2022-df4ffc6551)
2022-12-22 00:00:00
kaspersky
kaspersky
KLA19266 Multiple vulnerabilities in Mozilla Thunderbird
2022-09-28 00:00:00
slackware
slackware
[slackware-security] mozilla-thunderbird
2022-09-30 18:00:22
mozilla
mozilla
Security Vulnerabilities fixed in Thunderbird 102.3.1 — Mozilla
2022-09-28 00:00:00
mageia
mageia
Updated thunderbird packages fix security vulnerability
2022-10-01 20:48:24
altlinux
altlinux
Security fix for the ALT Linux 10 package thunderbird version 102.3.1-alt1
2022-10-10 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2022-273-01)
2022-10-03 00:00:00
Mozilla Thunderbird Security Advisory (MFSA2022-43) - Mac OS X
2022-09-30 00:00:00
Mageia: Security Advisory (MGASA-2022-0355)
2022-10-03 00:00:00
redhat
redhat
(RHSA-2022:7178) Important: thunderbird security update
2022-10-25 13:48:26
(RHSA-2022:7183) Important: thunderbird security update
2022-10-25 14:13:27
(RHSA-2022:7181) Important: thunderbird security update
2022-10-25 14:12:25
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2022-10-31 00:00:00
oraclelinux
oraclelinux
thunderbird security update
2022-10-27 00:00:00
thunderbird security update
2022-10-27 00:00:00
thunderbird security update
2022-10-27 00:00:00
almalinux
almalinux
Important: thunderbird security update
2022-10-25 00:00:00
Important: thunderbird security update
2022-10-25 00:00:00
rocky
rocky
thunderbird security update
2022-10-25 14:29:50
suse
suse
Security update for MozillaThunderbird (important)
2022-10-27 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2022-11-11 00:00:00
amazon
amazon
Important: thunderbird
2022-12-01 20:32:00
Important: thunderbird
2022-12-01 20:32:00