CVE-2024-51750

MEDIUM Year: 2024
CVSS v3 Score
5.0
Medium
Weakness Type
CWE-248
View all →

Vulnerability Description

Element is a Matrix web client built using the Matrix React SDK. A malicious homeserver can send invalid messages over federation which can prevent Element Web and Desktop from rendering single messages or the entire room containing them. This was patched in Element Web and Desktop 1.11.85.

Related Vulnerabilities

CVE-2024-28835

MEDIUM
CVSS:5.0(Medium)

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.

CWE-2482024

CVE-2022-3500

MEDIUM
CVSS:5.1(Medium)

A vulnerability was found in keylime. This security issue happens in some circumstances, due to some improperly handled exceptions, there exists the possibility that a rogue agent could create errors ...

CWE-2482022

CVE-2023-3774

MEDIUM
CVSS:4.9(Medium)

An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9.

CWE-2482023

CVE-2022-20675

MEDIUM
CVSS:5.3(Medium)

A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could a...

CWE-2482022

CVE-2022-36046

MEDIUM
CVSS:5.3(Medium)

Next.js is a React framework that can provide building blocks to create web applications. All of the following must be true to be affected by this CVE: Next.js version 12.2.3, Node.js version above v1...

CWE-2482022

CVE-2024-11738

MEDIUM
CVSS:5.3(Medium)

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service (panic) via a fragmented TLS ClientHello message.

CWE-2482024