Medium severity4.3OSV Advisory· Published Jan 7, 2025· Updated Apr 15, 2026
CVE-2024-52813
CVE-2024-52813
Description
matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. Versions of the matrix-sdk-crypto Rust crate before 0.8.0 lack a dedicated mechanism to notify that a user's cryptographic identity has changed from a verified to an unverified one, which could cause client applications relying on the SDK to overlook such changes. matrix-sdk-crypto 0.8.0 adds a new VerificationLevel::VerificationViolation enum variant which indicates that a previously verified identity has been changed.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
matrix-sdk-cryptocrates.io | < 0.8.0 | 0.8.0 |
Affected products
3- Range: 0.1.0, 0.7.0, matrix-qrcode-0.2.0, …
- ghsa-coords2 versions
< 0.8.0+ 1 more
- (no CPE)range: < 0.8.0
- (no CPE)range: < 20250204-1.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.