pkg:npm/matrix-react-sdk

9 total CVEsHIGH3MEDIUM4LOW1

✅ Check your installed version

All known vulnerabilities

  • HIGH8.2CVE-2023-30609HTML injection in search results via plaintext message highlighting
    from 0, < 3.71.0
  • HIGH8.2CVE-2023-28103Prototype pollution in matrix-react-sdk
    from 0, < 3.69.0
  • HIGH7.2CVE-2022-36060matrix-react-sdk Prototype pollution vulnerability
    from 0, < 3.53.0
  • MEDIUM6.1CVE-2023-37259matrix-react-sdk vulnerable to XSS in Export Chat feature
    >= 3.32.0, < 3.76.0
  • MEDIUM4.2CVE-2021-32622Improper file handling in matrix-react-sdk
    from 0, < 3.21.0
  • MEDIUM4.2CVE-2021-32622Improper file handling in matrix-react-sdk
    from 0, < 3.21.0
  • MEDIUM4.1CVE-2024-42347Matrix SDK for React's URL preview setting for a room is controllable by the homeserver
    from 0, < 3.105.1
  • LOW2.6CVE-2021-21320User content sandbox can be confused into opening arbitrary documents
    from 0, < 3.15.0
  • NONE0.0CVE-2024-47824Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
    >= 3.18.0, < 3.102.0