Aggregates CVE and security vulnerability intelligence across all matrix-globalservices-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting and vendor risk path handling and related problems; some flaws may lead to vendor impact file overwrite and vendor impact session compromise.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-38432 | Matrix Tafnit v8 - CWE-646: Reliance on File Name or Extension of Externally-Supplied File | [email protected] | 5.5 | 0.05% | 2024-07-30 | 2024-11-21 |
| CVE-2024-38431 | Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy | [email protected] | 5.3 | 0.30% | 2024-07-30 | 2024-11-21 |
| CVE-2024-38430 | Matrix - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | [email protected] | 5.4 | 0.28% | 2024-07-30 | 2024-11-21 |
| CVE-2024-38429 | Matrix Tafnit v8 - CWE-552: Files or Directories Accessible to External Parties | [email protected] | 7.5 | 0.17% | 2024-07-30 | 2024-11-21 |