matrix-js-sdk@33.0.0-rc.0 vulnerabilities
Matrix Client-Server SDK for Javascript
-
latest version
34.12.0
-
latest non vulnerable version
-
first published
10 years ago
-
latest version published
6 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the matrix-js-sdk package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
matrix-js-sdk is a Matrix Client-Server SDK for Javascript Affected versions of this package are vulnerable to Directory Traversal via crafted MXC URIs. An attacker can issue arbitrary authenticated GET requests to the client's homeserver by exploiting insufficient validation of the How to fix Directory Traversal? Upgrade |
<34.11.1
|
matrix-js-sdk is a Matrix Client-Server SDK for Javascript Affected versions of this package are vulnerable to Improper Authentication through the Note: This vulnerability does not affect users using the new Rust cryptography stack (i.e., those that call How to fix Improper Authentication? Upgrade |
>=9.11.0 <34.8.0
|
matrix-js-sdk is a Matrix Client-Server SDK for Javascript Affected versions of this package are vulnerable to Uncontrolled Recursion via the How to fix Uncontrolled Recursion? Upgrade |
<34.3.1
|