Add CVE-2025-59047 for matrix-sdk-base (#2401)

Damir Jelić
2025-09-11 14:10:54 +02:00
committed by GitHub
parent 1e25ffc23b
commit 2344133159

@@ -0,0 +1,20 @@
```toml
[advisory]
id = "RUSTSEC-2025-0000"
package = "matrix-sdk-base"
date = "2025-09-11"
url = "https://github.com/matrix-org/matrix-rust-sdk/security/advisories/GHSA-qhj8-q5r6-8q6j"
aliases = ["CVE-2025-59047", "GHSA-qhj8-q5r6-8q6j"]
[affected.functions]
"matrix_sdk_base::RoomMember::normalized_power_level" = ["<= 0.14.0"]
[versions]
patched = [">= 0.14.1"]
```
# matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method
In matrix-sdk-base before 0.14.1, calling the
`RoomMember::normalized_power_level()` method can cause a panic if a room member
has a power level of `Int::Min`.
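
Review bot: The `[advisory]` table carries no `categories` or `keywords` entry, and the description at the end of the file reports a panic without saying who is able to give a room member a power level of `Int::Min`. Since the stated impact is a panic, consider adding `categories = ["denial-of-service"]` under `[advisory]`, and one sentence in the description on whether that power level can arrive in room state set by other users, so that consumers of the advisory can judge their exposure. The version bounds look consistent: `[affected.functions]` lists `<= 0.14.0` and `patched` lists `>= 0.14.1`.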