22 matches found
ROOT-OS-DEBIAN-11-CVE-2022-50336 CVE-2022-50336 in rootio-linux - Patched by Root
Root has patched CVE-2022-50336 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
CVE-2022-50336
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check to attrloadrunsvcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could lead to NPD while reading these metadata files for a malformed NTFS...
Linux Distros Unpatched Vulnerability : CVE-2022-50336
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Add null pointer check to attrloadrunsvcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could...
CVE-2022-50336
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check to attrloadrunsvcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could lead to NPD while reading these metadata files for a malformed NTFS...
Mageia: Security Advisory (MGASA-2024-0395)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2024-0395 Updated thunderbird packages fix security vulnerability
Matrix-js-sdk has insufficient MXC URI validation which could allow client-side path traversal. CVE-2024-50336...
Updated thunderbird packages fix security vulnerability
Matrix-js-sdk has insufficient MXC URI validation which could allow client-side path traversal. CVE-2024-50336...
openSUSE Security Advisory (SUSE-SU-2024:4326-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MozillaThunderbird-128.5.2-1.1 on GA media (moderate)
MozillaThunderbird-128.5.2-1.1 on GA media Announcement ID: openSUSE-SU-2024:14584-1 Rating: moderate Cross-References: CVE-2024-50336 CVSS scores: CVE-2024-50336 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerability...
SUSE-SU-2024:4326-1 Security update for MozillaThunderbird
This update for MozillaThunderbird fixes the following issues: - CVE-2024-50336: Fixed insufficient MXC URI validation which could allow client-side path traversal bsc1234413 Other fixes: - Updated to Mozilla Thunderbird 128.5.2i bsc1234413: fixed: Large virtual folders could be very slow fixed:...
SUSE CVE-2024-50336
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the...
Slackware: Security Advisory (SSA:2024-346-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Thunderbird < 128.5.2
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 128.5.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-69 advisory. - The Matrix specification demands homeservers to perform validation of the server-name and media-id components o...
@airgap/beacon-sdk (>=0.0.1 <=0.0.3-beta.9), @caelum-tech/lorena-matrix-client (>=1.3.0 <=2.1.2) +52 more potentially affected by CVE-2024-50336 via matrix-js-sdk (>=0.0.4 <=34.0.0)
matrix-js-sdk NPM version =0.0.4, =0.0.1, =1.3.0, =1.0.0, =2.0.0, =2.0.0-alpha.3, =2.0.0-alpha.1, =1.4.1, =0.0.1, =0.0.0-development, =0.17.0, =4.0.1, =1.2.0, =1.1.0, =1.8.0-beta.1 and more Source cves: CVE-2024-50336 Source advisory: OSV:GHSA-XVG8-M4X3-W6XR...
CVE-2024-50336
creationtimestamp| type| source ---|---|--- 2024-11-12 18:53:50+00:00| seen| https://t.me/cvedetector/10665 2024-12-11 17:25:42+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113635355747091624...
CVE-2024-50336
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the...
CVE-2024-50336 matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the...
CVE-2024-50336 matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the...
CVE-2024-50336
CVE-2024-50336 affects matrix-js-sdk up to version 34.11.0 and allows client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients to issue arbitrary authenticated GET requests to the user’s homeserver. The issue is fixed in matrix-js-sdk 34.11.1. Affected product:...
CVE-2023-50336
creationtimestamp| type| source ---|---|--- 2024-02-14 18:27:21+00:00| seen| https://t.me/ctinow/184889...