cvelistv5 - cve-2024-42347

CVE-2024-42347 (GCVE-0-2024-42347)

Vulnerability from cvelistv5 – Published: 2024-08-06 17:16 – Updated: 2024-08-08 18:48

Summary

matrix-react-sdk is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user's account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. This was patched in matrix-react-sdk 3.105.0. Deployments that trust their homeservers, as well as closed federations of trusted servers, are not affected. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Severity ?

7.7 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CWE

CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor

Assigner

GitHub_M

References

URL

Tags

	https://github.com/matrix-org/matrix-react-sdk/se…	x_refsource_CONFIRM
	https://github.com/matrix-org/matrix-react-sdk/re…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	matrix-org	matrix-react-sdk	Affected: < 3.105.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-42347",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-08T18:48:06.721647Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-08T18:48:19.919Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "matrix-react-sdk",
          "vendor": "matrix-org",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 3.105.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "matrix-react-sdk  is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user\u0027s account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. This was patched in matrix-react-sdk 3.105.0. Deployments that trust their homeservers, as well as closed federations of trusted servers, are not affected. Users are advised to upgrade. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-359",
              "description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-06T17:16:14.143Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-f83w-wqhc-cfp4",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-f83w-wqhc-cfp4"
        },
        {
          "name": "https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.105.1",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.105.1"
        }
      ],
      "source": {
        "advisory": "GHSA-f83w-wqhc-cfp4",
        "discovery": "UNKNOWN"
      },
      "title": "URL preview setting for a room is controllable by the homeserver in matrix-react-sdk"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-42347",
    "datePublished": "2024-08-06T17:16:14.143Z",
    "dateReserved": "2024-07-30T14:01:33.921Z",
    "dateUpdated": "2024-08-08T18:48:19.919Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:matrix:matrix-react-sdk:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"3.105.1\", \"matchCriteriaId\": \"08EF7CA9-DDC4-458C-811F-4DC290E7898B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"matrix-react-sdk  is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user\u0027s account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. This was patched in matrix-react-sdk 3.105.0. Deployments that trust their homeservers, as well as closed federations of trusted servers, are not affected. Users are advised to upgrade. There are no known workarounds for this vulnerability.\"}, {\"lang\": \"es\", \"value\": \"Matrix-react-sdk es un SDK basado en reacci\\u00f3n para insertar un cliente de chat/voip Matrix en una p\\u00e1gina web. Un servidor dom\\u00e9stico malicioso podr\\u00eda manipular los datos de la cuenta de un usuario para hacer que el cliente habilite vistas previas de URL en salas cifradas de extremo a extremo, en cuyo caso cualquier URL de los mensajes cifrados se enviar\\u00eda al servidor. Esto fue parcheado en Matrix-react-sdk 3.105.0. Las implementaciones que conf\\u00edan en sus servidores dom\\u00e9sticos, as\\u00ed como las federaciones cerradas de servidores confiables, no se ven afectadas. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.\"}]",
      "id": "CVE-2024-42347",
      "lastModified": "2024-08-12T18:52:08.163",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\", \"baseScore\": 7.7, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.1, \"impactScore\": 4.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}]}",
      "published": "2024-08-06T18:15:57.103",
      "references": "[{\"url\": \"https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.105.1\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-f83w-wqhc-cfp4\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "security-advisories@github.com",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-359\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-42347\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-08-06T18:15:57.103\",\"lastModified\":\"2024-08-12T18:52:08.163\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"matrix-react-sdk  is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user\u0027s account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. This was patched in matrix-react-sdk 3.105.0. Deployments that trust their homeservers, as well as closed federations of trusted servers, are not affected. Users are advised to upgrade. There are no known workarounds for this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Matrix-react-sdk es un SDK basado en reacci\u00f3n para insertar un cliente de chat/voip Matrix en una p\u00e1gina web. Un servidor dom\u00e9stico malicioso podr\u00eda manipular los datos de la cuenta de un usuario para hacer que el cliente habilite vistas previas de URL en salas cifradas de extremo a extremo, en cuyo caso cualquier URL de los mensajes cifrados se enviar\u00eda al servidor. Esto fue parcheado en Matrix-react-sdk 3.105.0. Las implementaciones que conf\u00edan en sus servidores dom\u00e9sticos, as\u00ed como las federaciones cerradas de servidores confiables, no se ven afectadas. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\",\"baseScore\":7.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.1,\"impactScore\":4.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-359\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:matrix:matrix-react-sdk:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.105.1\",\"matchCriteriaId\":\"08EF7CA9-DDC4-458C-811F-4DC290E7898B\"}]}]}],\"references\":[{\"url\":\"https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.105.1\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-f83w-wqhc-cfp4\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-42347\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-08T18:48:06.721647Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-08T18:48:11.316Z\"}}], \"cna\": {\"title\": \"URL preview setting for a room is controllable by the homeserver in matrix-react-sdk\", \"source\": {\"advisory\": \"GHSA-f83w-wqhc-cfp4\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"matrix-org\", \"product\": \"matrix-react-sdk\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 3.105.1\"}]}], \"references\": [{\"url\": \"https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-f83w-wqhc-cfp4\", \"name\": \"https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-f83w-wqhc-cfp4\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.105.1\", \"name\": \"https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.105.1\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"matrix-react-sdk  is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user\u0027s account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. This was patched in matrix-react-sdk 3.105.0. Deployments that trust their homeservers, as well as closed federations of trusted servers, are not affected. Users are advised to upgrade. There are no known workarounds for this vulnerability.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-359\", \"description\": \"CWE-359: Exposure of Private Personal Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-08-06T17:16:14.143Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-42347\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-08T18:48:19.919Z\", \"dateReserved\": \"2024-07-30T14:01:33.921Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-08-06T17:16:14.143Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

OPENSUSE-SU-2024:14242-1

Vulnerability from csaf_opensuse - Published: 2024-08-07 00:00 - Updated: 2024-08-07 00:00

Summary

element-web-1.11.73-1.1 on GA media

Notes

Title of the patch

element-web-1.11.73-1.1 on GA media

Description of the patch

These are all security issues fixed in the element-web-1.11.73-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-14242

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "element-web-1.11.73-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the element-web-1.11.73-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14242",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14242-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-42347 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-42347/"
      }
    ],
    "title": "element-web-1.11.73-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-08-07T00:00:00Z",
      "generator": {
        "date": "2024-08-07T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14242-1",
      "initial_release_date": "2024-08-07T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-08-07T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "element-web-1.11.73-1.1.aarch64",
                "product": {
                  "name": "element-web-1.11.73-1.1.aarch64",
                  "product_id": "element-web-1.11.73-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "element-web-1.11.73-1.1.ppc64le",
                "product": {
                  "name": "element-web-1.11.73-1.1.ppc64le",
                  "product_id": "element-web-1.11.73-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "element-web-1.11.73-1.1.s390x",
                "product": {
                  "name": "element-web-1.11.73-1.1.s390x",
                  "product_id": "element-web-1.11.73-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "element-web-1.11.73-1.1.x86_64",
                "product": {
                  "name": "element-web-1.11.73-1.1.x86_64",
                  "product_id": "element-web-1.11.73-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "element-web-1.11.73-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:element-web-1.11.73-1.1.aarch64"
        },
        "product_reference": "element-web-1.11.73-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "element-web-1.11.73-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:element-web-1.11.73-1.1.ppc64le"
        },
        "product_reference": "element-web-1.11.73-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "element-web-1.11.73-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:element-web-1.11.73-1.1.s390x"
        },
        "product_reference": "element-web-1.11.73-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "element-web-1.11.73-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:element-web-1.11.73-1.1.x86_64"
        },
        "product_reference": "element-web-1.11.73-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-42347",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-42347"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "matrix-react-sdk  is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user\u0027s account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. This was patched in matrix-react-sdk 3.105.0. Deployments that trust their homeservers, as well as closed federations of trusted servers, are not affected. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:element-web-1.11.73-1.1.aarch64",
          "openSUSE Tumbleweed:element-web-1.11.73-1.1.ppc64le",
          "openSUSE Tumbleweed:element-web-1.11.73-1.1.s390x",
          "openSUSE Tumbleweed:element-web-1.11.73-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-42347",
          "url": "https://www.suse.com/security/cve/CVE-2024-42347"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:element-web-1.11.73-1.1.aarch64",
            "openSUSE Tumbleweed:element-web-1.11.73-1.1.ppc64le",
            "openSUSE Tumbleweed:element-web-1.11.73-1.1.s390x",
            "openSUSE Tumbleweed:element-web-1.11.73-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:element-web-1.11.73-1.1.aarch64",
            "openSUSE Tumbleweed:element-web-1.11.73-1.1.ppc64le",
            "openSUSE Tumbleweed:element-web-1.11.73-1.1.s390x",
            "openSUSE Tumbleweed:element-web-1.11.73-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-08-07T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-42347"
    }
  ]
}

OPENSUSE-SU-2024:14273-1

Vulnerability from csaf_opensuse - Published: 2024-08-18 00:00 - Updated: 2024-08-18 00:00

Summary

element-desktop-1.11.73-1.1 on GA media

Notes

Title of the patch

element-desktop-1.11.73-1.1 on GA media

Description of the patch

These are all security issues fixed in the element-desktop-1.11.73-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-14273

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "element-desktop-1.11.73-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the element-desktop-1.11.73-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14273",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14273-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-42347 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-42347/"
      }
    ],
    "title": "element-desktop-1.11.73-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-08-18T00:00:00Z",
      "generator": {
        "date": "2024-08-18T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14273-1",
      "initial_release_date": "2024-08-18T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-08-18T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "element-desktop-1.11.73-1.1.aarch64",
                "product": {
                  "name": "element-desktop-1.11.73-1.1.aarch64",
                  "product_id": "element-desktop-1.11.73-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "element-desktop-1.11.73-1.1.ppc64le",
                "product": {
                  "name": "element-desktop-1.11.73-1.1.ppc64le",
                  "product_id": "element-desktop-1.11.73-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "element-desktop-1.11.73-1.1.s390x",
                "product": {
                  "name": "element-desktop-1.11.73-1.1.s390x",
                  "product_id": "element-desktop-1.11.73-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "element-desktop-1.11.73-1.1.x86_64",
                "product": {
                  "name": "element-desktop-1.11.73-1.1.x86_64",
                  "product_id": "element-desktop-1.11.73-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "element-desktop-1.11.73-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.aarch64"
        },
        "product_reference": "element-desktop-1.11.73-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "element-desktop-1.11.73-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.ppc64le"
        },
        "product_reference": "element-desktop-1.11.73-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "element-desktop-1.11.73-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.s390x"
        },
        "product_reference": "element-desktop-1.11.73-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "element-desktop-1.11.73-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.x86_64"
        },
        "product_reference": "element-desktop-1.11.73-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-42347",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-42347"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "matrix-react-sdk  is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user\u0027s account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. This was patched in matrix-react-sdk 3.105.0. Deployments that trust their homeservers, as well as closed federations of trusted servers, are not affected. Users are advised to upgrade. There are no known workarounds for this vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.aarch64",
          "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.ppc64le",
          "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.s390x",
          "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-42347",
          "url": "https://www.suse.com/security/cve/CVE-2024-42347"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.aarch64",
            "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.ppc64le",
            "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.s390x",
            "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.aarch64",
            "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.ppc64le",
            "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.s390x",
            "openSUSE Tumbleweed:element-desktop-1.11.73-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-08-18T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-42347"
    }
  ]
}

GHSA-F83W-WQHC-CFP4

Vulnerability from github – Published: 2024-08-06 14:12 – Updated: 2024-08-08 16:38

Summary

Matrix SDK for React's URL preview setting for a room is controllable by the homeserver

Details

Impact

A malicious homeserver could manipulate a user's account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server.

Even if the CVSS score would be 4.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N) the maintainer classifies this as High severity issue.

Patches

This was patched in matrix-react-sdk 3.105.1.

Workarounds

Deployments that trust their homeservers, as well as closed federations of trusted servers, are not affected.

References

N/A.

Severity ?

4.1 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N

5.1 (Medium)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/U:Red

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "matrix-react-sdk"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.105.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-42347"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-359"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-08-06T14:12:45Z",
    "nvd_published_at": "2024-08-06T18:15:57Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nA malicious homeserver could manipulate a user\u0027s account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server.\n\nEven if the CVSS score would be 4.1 ([AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N\u0026version=3.1)) the maintainer classifies this as High severity issue.\n\n### Patches\nThis was patched in matrix-react-sdk 3.105.1.\n\n### Workarounds\nDeployments that trust their homeservers, as well as closed federations of trusted servers, are not affected.\n\n### References\nN/A.\n",
  "id": "GHSA-f83w-wqhc-cfp4",
  "modified": "2024-08-08T16:38:00Z",
  "published": "2024-08-06T14:12:45Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-f83w-wqhc-cfp4"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42347"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/matrix-org/matrix-react-sdk"
    },
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.105.1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/U:Red",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Matrix SDK for React\u0027s URL preview setting for a room is controllable by the homeserver"
}

FKIE_CVE-2024-42347

Vulnerability from fkie_nvd - Published: 2024-08-06 18:15 - Updated: 2024-08-12 18:52

Severity ?

7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.105.1	Release Notes
	security-advisories@github.com	https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-f83w-wqhc-cfp4	Vendor Advisory

Impacted products

	Vendor	Product	Version
	matrix	matrix-react-sdk	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:matrix:matrix-react-sdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "08EF7CA9-DDC4-458C-811F-4DC290E7898B",
              "versionEndExcluding": "3.105.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "matrix-react-sdk  is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user\u0027s account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. This was patched in matrix-react-sdk 3.105.0. Deployments that trust their homeservers, as well as closed federations of trusted servers, are not affected. Users are advised to upgrade. There are no known workarounds for this vulnerability."
    },
    {
      "lang": "es",
      "value": "Matrix-react-sdk es un SDK basado en reacci\u00f3n para insertar un cliente de chat/voip Matrix en una p\u00e1gina web. Un servidor dom\u00e9stico malicioso podr\u00eda manipular los datos de la cuenta de un usuario para hacer que el cliente habilite vistas previas de URL en salas cifradas de extremo a extremo, en cuyo caso cualquier URL de los mensajes cifrados se enviar\u00eda al servidor. Esto fue parcheado en Matrix-react-sdk 3.105.0. Las implementaciones que conf\u00edan en sus servidores dom\u00e9sticos, as\u00ed como las federaciones cerradas de servidores confiables, no se ven afectadas. Se recomienda a los usuarios que actualicen. No se conocen workarounds para esta vulnerabilidad."
    }
  ],
  "id": "CVE-2024-42347",
  "lastModified": "2024-08-12T18:52:08.163",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.7,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 4.0,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-08-06T18:15:57.103",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/matrix-org/matrix-react-sdk/releases/tag/v3.105.1"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/matrix-org/matrix-react-sdk/security/advisories/GHSA-f83w-wqhc-cfp4"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-359"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-42347 (GCVE-0-2024-42347)

OPENSUSE-SU-2024:14242-1

OPENSUSE-SU-2024:14273-1

GHSA-F83W-WQHC-CFP4

Impact

Patches

Workarounds

References

FKIE_CVE-2024-42347

Tags

Sightings

Nomenclature