vulnerability
FreeBSD: VID-AB4E6F65-A142-11EF-84E9-901B0E9408DC (CVE-2024-51749): element-web -- several vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:P/A:N) | Nov 12, 2024 | Nov 14, 2024 | Feb 18, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
Nov 12, 2024
Added
Nov 14, 2024
Modified
Feb 18, 2025
Description
Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent. It is possible to add thumbnails to events trigger a file download once clicked. Fixed in element-web 1.11.85.
Solution
freebsd-upgrade-package-element-web
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.