pkg:npm/matrix-react-sdk

All known vulnerabilities

• HIGH8.2CVE-2023-30609HTML injection in search results via plaintext message highlighting
  from 0, < 3.71.0
• HIGH8.2CVE-2023-28103Prototype pollution in matrix-react-sdk
  from 0, < 3.69.0
• HIGH7.2CVE-2022-36060matrix-react-sdk Prototype pollution vulnerability
  from 0, < 3.53.0
• MEDIUM6.1matrix-react-sdk vulnerable to XSS in Export Chat feature
  >= 3.32.0, < 3.76.0
• MEDIUM4.2Improper file handling in matrix-react-sdk
  from 0, < 3.21.0
• MEDIUM4.2Improper file handling in matrix-react-sdk
  from 0, < 3.21.0
• MEDIUM4.1Matrix SDK for React's URL preview setting for a room is controllable by the homeserver
  from 0, < 3.105.1
• LOW2.6User content sandbox can be confused into opening arbitrary documents
  from 0, < 3.15.0
• NONE0.0Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
  >= 3.18.0, < 3.102.0