Search for packages
Package details: pkg:alpm/archlinux/element-web@1.7.34-2
purl pkg:alpm/archlinux/element-web@1.7.34-2
Next non-vulnerable version 1.8.4-1
Latest non-vulnerable version 1.9.7-1
Risk 4.0
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-y524-aq48-aaaa
Aliases:
CVE-2021-40823
GHSA-23cm-x6j7-6hq3
A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by affected Matrix clients participating in that room. This allows the homeserver to decrypt end-to-end encrypted messages sent by affected clients.
1.8.4-1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-03-28T07:45:30.057877+00:00 Arch Linux Importer Affected by VCID-y524-aq48-aaaa https://security.archlinux.org/AVG-2377 36.0.0
2024-10-09T23:18:56.411662+00:00 Arch Linux Importer Affected by VCID-y524-aq48-aaaa https://security.archlinux.org/AVG-2377 34.0.2
2024-09-28T20:47:41.121625+00:00 Arch Linux Importer Affected by VCID-y524-aq48-aaaa https://security.archlinux.org/AVG-2377 34.0.1
2024-02-10T15:56:50.687018+00:00 Arch Linux Importer Affected by VCID-y524-aq48-aaaa https://security.archlinux.org/AVG-2377 34.0.0rc2