We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-47824

Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room



Description

matrix-react-sdk is react-based software development kit for inserting a Matrix chat/VOIP client into a web page. Starting in version 3.18.0 and before 3.102.0, matrix-react-sdk allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that room, via injection of a malicious device controlled by the homeserver. This is possible because matrix-react-sdk before 3.102.0 shared historical message keys on invite. Version 3.102.0 fixes this issue by disabling sharing message keys on invite by removing calls to the vulnerable functionality. No known workarounds are available.

Reserved 2024-10-03 | Published 2024-10-15 | Updated 2024-11-21 | Assigner GitHub_M


HIGH: 8.7CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

Product status

>= 3.18.0, < 3.102.0
affected

References

github.com/...ct-sdk/security/advisories/GHSA-qcvh-p9jq-wp8v

github.com/matrix-org/matrix-react-sdk/pull/12618

github.com/...ommit/6fc9d7641c51ca3db8225cf58b9d6e6fdd2d6556

cve.org (CVE-2024-47824)

nvd.nist.gov (CVE-2024-47824)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-47824

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.