CVE-2021-40823: Use of a Broken or Risky Cryptographic Algorithm
(updated )
There is a logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK). This allows the homeserver to decrypt end-to-end encrypted messages sent by affected clients.
References
Detect and mitigate CVE-2021-40823 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →