CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51750 – Element allows a malicious homeserver can modify events leading to unrenderable events or rooms
https://notcve.org/view.php?id=CVE-2024-51750
Element is a Matrix web client built using the Matrix React SDK. A malicious homeserver can send invalid messages over federation which can prevent Element Web and Desktop from rendering single messages or the entire room containing them. This was patched in Element Web and Desktop 1.11.85. • https://github.com/element-hq/element-web/commit/231073c578d5f92b33cde7aa2b0b9c5836b2dc48 https://github.com/element-hq/element-web/security/advisories/GHSA-w36j-v56h-q9pc • CWE-248: Uncaught Exception •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-51749 – Element's thumbnails can be abused to misrepresent the content of an attachment
https://notcve.org/view.php?id=CVE-2024-51749
Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent. It is possible to add thumbnails to events trigger a file download once clicked. Fixed in element-web 1.11.85. • https://github.com/element-hq/element-web/commit/a00c343435d633e64de2c0548217aa611c7bbef5 https://github.com/element-hq/element-web/security/advisories/GHSA-5486-384g-mcx2 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47779 – Element Web vulnerable to potential exposure of access token via authenticated media
https://notcve.org/view.php?id=CVE-2024-47779
Element is a Matrix web client built using the Matrix React SDK. Element Web versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally, involving malicious widgets, but other vectors may exist. Note that despite superficial similarity to CVE-2024-47771, this is an entirely separate vulnerability, caused by a separate piece of code included only in Element Web. Element Web and Element Desktop share most but not all, of their code and this vulnerability exists in the part of the code base which is not shared between the projects. • https://github.com/element-hq/element-web/security/advisories/GHSA-3jm3-x98c-r34x https://github.com/element-hq/element-web/commit/8d7f2b5c1301129a488d3597f3839bd74203ee62 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-47771 – Element Desktop vulnerable to potential exposure of access token via authenticated media
https://notcve.org/view.php?id=CVE-2024-47771
Element Desktop is a Matrix client for desktop platforms. Element Desktop versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally, involving malicious widgets, but other vectors may exist. Users are strongly advised to upgrade to version 1.11.81 to remediate the issue. As a workaround, avoid granting permissions to untrusted widgets. • https://github.com/element-hq/element-desktop/commit/6c78684e84ba7f460aedba6f017760e2323fdf4b https://github.com/element-hq/element-desktop/security/advisories/GHSA-963w-49j9-gxj6 https://github.com/element-hq/element-web/commit/63c8550791a0221189f495d6458fee7db601c789 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31208 – Synapse's V2 state resolution weakness allows DoS from remote room members
https://notcve.org/view.php?id=CVE-2024-31208
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate excessive data in the database of such instances, resulting in a denial of service. Servers in private federations, or those that do not federate, are not affected. Server administrators should upgrade to 1.105.1 or later. • https://github.com/element-hq/synapse/commit/55b0aa847a61774b6a3acdc4b177a20dc019f01a https://github.com/element-hq/synapse/releases/tag/v1.105.1 https://github.com/element-hq/synapse/security/advisories/GHSA-3h7q-rfh9-xm4v https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6FCCO4ODTZ3FDS7TMW76PKOSEL2TQVB https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RR53FNHV446CB37TP45GZ6F6HZLZCK3K https://lists.fedoraproject.org/archives/list/package-announce@lists. • CWE-770: Allocation of Resources Without Limits or Throttling •