Maven package
org.matrix.android/matrix-android-sdk2
pkg:maven/org.matrix.android/matrix-android-sdk2
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-39248 | — | < 1.5.1 | 1.5.1 | Sep 28, 2022 | matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a sophistic | ||
| CVE-2022-39246 | — | < 1.5.1 | 1.5.1 | Sep 28, 2022 | matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be mis | ||
| CVE-2021-40824 | — | < 1.2.2 | 1.2.2 | Sep 13, 2021 | A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 (aka Matrix SDK for Android) before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messa |
- CVE-2022-39248Sep 28, 2022affected < 1.5.1fixed 1.5.1
matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as a grey shield. Additionally, a sophistic
- CVE-2022-39246Sep 28, 2022affected < 1.5.1fixed 1.5.1
matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be mis
- CVE-2021-40824Sep 13, 2021affected < 1.2.2fixed 1.2.2
A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 (aka Matrix SDK for Android) before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messa