MEDIUM🇬🇧 English

CVE-2024-45192

CVSS 5.3v3.1pub. 2024-08-22upd. 2025-06-17

An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Matrix Olm

    APP
    Matrix
    ≤ 3.2.16
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2021-44538CRITICAL9.8ten sam produkt

The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm se...

CVE-2021-34813CRITICAL9.8ten sam produkt

Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client (while it is attempting to r...

CVE-2024-45191MEDIUM5.3ten sam produkt

An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing ...

CVE-2024-45193MEDIUM4.3ten sam produkt

An issue was discovered in Matrix libolm through 3.2.16. There is Ed25519 signature malleability due to lack o...

CVE-2023-38686CRITICAL9.3ten sam vendor

Sydent is an identity server for the Matrix communications protocol. Prior to version 2.5.6, if configured to ...

CVE-2024-45192 — MEDIUM 5.3 | CVEbaza.pl