VYPR

crates.io package

matrix-sdk-base

pkg:cargo/matrix-sdk-base

Vulnerabilities (2)

  • CVE-2025-66622Dec 9, 2025
    affected < 0.16.0fixed 0.16.0

    matrix-sdk-base is the base component to build a Matrix client library. Versions 0.14.1 and prior are unable to handle responses that include custom m.room.join_rules values due to a serialization bug. This can be exploited to cause a denial-of-service condition, if a user is inv

  • CVE-2025-59047LowSep 11, 2025
    affected < 0.14.1fixed 0.14.1

    matrix-sdk-base is the base component to build a Matrix client library. In matrix-sdk-base before 0.14.1, calling the `RoomMember::normalized_power_level()` method can cause a panic if a room member has a power level of `Int::Min`. The issue is fixed in matrix-sdk-base 0.14.1. Th