matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumers ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This vulnerability is distinct from GHSA-rfv9-x7hh-xc32 which covers a similar issue. The issue has been patched in matrix-js-sdk 24.0.0 and users are advised to upgrade. There are no known workarounds for this vulnerability.
Weakness
The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Javascript_sdk | Matrix | * | 24.0.0 (excluding) |
| Red Hat Enterprise Linux 7 | RedHat | thunderbird-0:102.10.0-2.el7_9 | * |
| Red Hat Enterprise Linux 8 | RedHat | thunderbird-0:102.10.0-2.el8_7 | * |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | RedHat | thunderbird-0:102.10.0-2.el8_1 | * |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | RedHat | thunderbird-0:102.10.0-2.el8_2 | * |
| Red Hat Enterprise Linux 8.2 Telecommunications Update Service | RedHat | thunderbird-0:102.10.0-2.el8_2 | * |
| Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions | RedHat | thunderbird-0:102.10.0-2.el8_2 | * |
| Red Hat Enterprise Linux 8.4 Extended Update Support | RedHat | thunderbird-0:102.10.0-2.el8_4 | * |
| Red Hat Enterprise Linux 8.6 Extended Update Support | RedHat | thunderbird-0:102.10.0-2.el8_6 | * |
| Red Hat Enterprise Linux 9 | RedHat | thunderbird-0:102.10.0-2.el9_1 | * |
| Red Hat Enterprise Linux 9.0 Extended Update Support | RedHat | thunderbird-0:102.10.0-2.el9_0 | * |
| Node-matrix-js-sdk | Ubuntu | focal | * |
| Node-matrix-js-sdk | Ubuntu | kinetic | * |
| Node-matrix-js-sdk | Ubuntu | lunar | * |
| Node-matrix-js-sdk | Ubuntu | mantic | * |
| Node-matrix-js-sdk | Ubuntu | oracular | * |
| Node-matrix-js-sdk | Ubuntu | trusty | * |
| Node-matrix-js-sdk | Ubuntu | xenial | * |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/1.html
- https://cwe.mitre.org/data/definitions/180.html
- https://cwe.mitre.org/data/definitions/77.html
References
- https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-mwq8-fjpf-c2gr
- https://lists.debian.org/debian-lts-announce/2023/04/msg00027.html
- https://matrix.org/blog/2023/03/28/security-releases-matrix-js-sdk-24-0-0-and-matrix-react-sdk-3-69-0
- https://security.gentoo.org/glsa/202305-36
- https://www.debian.org/security/2023/dsa-5392
- https://github.com/matrix-org/matrix-js-sdk/security/advisories/GHSA-mwq8-fjpf-c2gr
- https://lists.debian.org/debian-lts-announce/2023/04/msg00027.html
- https://matrix.org/blog/2023/03/28/security-releases-matrix-js-sdk-24-0-0-and-matrix-react-sdk-3-69-0
- https://security.gentoo.org/glsa/202305-36
- https://www.debian.org/security/2023/dsa-5392