Description

matrix-sdk-base is the base component to build a Matrix client library. In matrix-sdk-base before 0.14.1, calling the `RoomMember::normalized_power_level()` method can cause a panic if a room member has a power level of `Int::Min`. The issue is fixed in matrix-sdk-base 0.14.1. The affected method isn’t used internally, so avoiding calling `RoomMember::normalized_power_level()` prevents the panic.

INFO

Published Date :

2025-09-11T18:03:50.361Z

Last Modified :

2025-09-11T18:22:28.636Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-59047 vulnerability.

Vendors Products
Matrix
  • Matrix-rust-sdk
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-59047.

URL Resource
https://github.com/matrix-org/matrix-rust-sdk/commit/ce3b67f801446387972ff120e907ca828a9f1207 cve-icon cve-icon
https://github.com/matrix-org/matrix-rust-sdk/pull/5635 cve-icon cve-icon
https://github.com/matrix-org/matrix-rust-sdk/releases/tag/matrix-sdk-base-0.14.1 cve-icon cve-icon
https://github.com/matrix-org/matrix-rust-sdk/security/advisories/GHSA-qhj8-q5r6-8q6j cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability