Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2019-18835HistoryNov 08, 2019 - 12:15 a.m.
CVE-2019-18835
2019-11-0800:15:00
Debian Security Bug Tracker
security-tracker.debian.org
6
0.002 Low
EPSS
Percentile
61.5%
Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /send_join, /send_leave, and /invite may not be correctly signed, or may not come from the expected servers.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | matrix-synapse | < 1.5.0-1 | matrix-synapse_1.5.0-1_all.deb |
| Debian | 13 | all | matrix-synapse | < 1.5.0-1 | matrix-synapse_1.5.0-1_all.deb |
Related
osv
osv
CVE-2019-18835
2019-11-08 00:15:10
Improper Verification of Cryptographic Signature in matrix-synapse
2022-05-24 22:01:05
PYSEC-2019-186
2019-11-08 00:15:00
ubuntucve
ubuntucve
CVE-2019-18835
2019-11-08 00:00:00
cve
cve
CVE-2019-18835
2019-11-08 00:15:00
prion
prion
Code injection
2019-11-08 00:15:00
github
github
Improper Verification of Cryptographic Signature in matrix-synapse
2022-05-24 22:01:05
cvelist
cvelist
CVE-2019-18835
2019-11-07 23:12:07
nessus
nessus
Ubuntu 18.04 ESM : Synapse vulnerabilities (USN-6076-1)
2023-05-16 00:00:00
ubuntu
ubuntu
Synapse vulnerabilities
2023-05-16 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6076-1)
2023-05-17 00:00:00