CNNVD-202509-1574 Information
CNNVD ID
CNNVD-202509-1574
Related CVE
- CNNVD Published: 2025-09-11
Description (Chinese)
Matrix Rust SDK是The Matrix.org Foundation开源的一个基于Rust的Matrix客户端服务器开发工具包。 Matrix Rust SDK 0.14.1之前版本存在安全漏洞,该漏洞源于处理Int::Min类型的权限级别时可能引发panic。
Description (English)
Matrix Rust SDK is a Rust-based Matrix server development toolkit for The Matrix.org Foundation Open Source. There is a security loophole in the pre-Matrix Rust SDK 0.14.1 version, which may be triggered by the processing of the Int:min-type permission level.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
The Matrix.org Foundation
Published
2025-09-11
Last Modified
2026-02-24
References
https://github.com/matrix-org/matrix-rust-sdk/commit/ce3b67f801446387972ff120e907ca828a9f1207 https://github.com/matrix-org/matrix-rust-sdk/pull/5635 https://github.com/matrix-org/matrix-rust-sdk/releases/tag/matrix-sdk-base-0.14.1 https://github.com/matrix-org/matrix-rust-sdk/security/advisories/GHSA-qhj8-q5r6-8q6j https://access.redhat.com/security/cve/cve-2025-59047
Patch
https://github.com/matrix-org/matrix-rust-sdk/releases
Share on: