matrix-sdk-crypto
crates.io5 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting matrix-sdk-cryptopage 1 of 1
- CVE-2022-39252HIGHCVSS 8.6EG 8.6✓ Fixed in 0.6.02022-09-29
matrix-rust-sdk is an implementation of a Matrix client-server library in Rust, and matrix-sdk-crypto is the Matrix encryption library. Prior to version 0.6, when a user requests a room key from their devices, the software correctly rememb…
- CVE-2024-34353MEDIUMCVSS 5.5EG 5.5✓ Fixed in 0.7.12024-05-14
vulnerable: 0.7.0
The matrix-sdk-crypto crate, part of the Matrix Rust SDK project, is an implementation of a Matrix end-to-end encryption state machine in Rust. In Matrix, the server-side `key backup` stores encrypted copies of Matrix message keys. This fa…
- CVE-2024-40648MEDIUMCVSS 5.4EG 5.4✓ Fixed in 0.7.22024-07-18
matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. The `UserIdentity::is_verified()` method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's ow…
- CVE-2024-52813MEDIUMCVSS 4.3EG 4.3✓ Fixed in 0.8.02025-01-07
matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. Versions of the matrix-sdk-crypto Rust crate before 0.8.0 lack a dedicated mechanism to notify that a user's cryptographic identity has changed from a verified…
- CVE-2025-48937MEDIUMCVSS 4.9EG 4.9✓ Fixed in 0.11.12025-06-10
matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. matrix-sdk-crypto since version 0.8.0 and up to 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operat…
Check whether matrix-sdk-crypto is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for matrix-sdk-crypto CVEs against the assets you own.
Start Free Scan →