org.matrix.android:matrix-android-sdk2

Maven3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting org.matrix.android:matrix-android-sdk2page 1 of 1

CVE-2021-40824MEDIUMCVSS 5.9EG 5.9✓ Fixed in 1.2.2
2021-09-13
vulnerable: 0.0.2, 1.2.1
A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-android-sdk2 (aka Matrix SDK for Android) before 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryptio…
CVE-2022-39246HIGHCVSS 7.5EG 7.5✓ Fixed in 1.5.1
2022-09-28
vulnerable: 0.0.2 ... 1.4.4 (24 versions)
matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shie…
CVE-2022-39248HIGHCVSS 8.6EG 8.6✓ Fixed in 1.5.1
2022-09-28
vulnerable: 0.0.2 ... 1.4.4 (24 versions)
matrix-android-sdk2 is the Matrix SDK for Android. Prior to version 1.5.1, an attacker cooperating with a malicious homeserver can construct messages that legitimately appear to have come from another person, without any indication such as…

Check whether org.matrix.android:matrix-android-sdk2 is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for org.matrix.android:matrix-android-sdk2 CVEs against the assets you own.

Start Free Scan →