vulnerability
FreeBSD: VID-0dcf68fa-5c31-11ec-875e-901b0e9408dc: Matrix clients -- several vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Dec 13, 2021 | Nov 4, 2022 | Dec 10, 2025 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Dec 13, 2021
Added
Nov 4, 2022
Modified
Dec 10, 2025
Description
Matrix developers report: Today we are releasing security updates to libolm, matrix-js-sdk, and several clients including Element Web / Desktop. Users are encouraged to upgrade as soon as possible. These releases mitigate a buffer overflow in olm_session_describe, a libolm debugging function used by matrix-js-sdk in its end-to-end encryption (E2EE) implementation. If you rely on matrix-js-sdk for E2EE, you are affected.
Solutions
freebsd-upgrade-package-cinnyfreebsd-upgrade-package-element-web
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.