27 matches found
CVE-2022-36009
gomatrixserverlib is a Go library for matrix protocol federation. Dendrite is a Matrix homeserver written in Go, an alternative to Synapse. The power level parsing within gomatrixserverlib was failing to parse the "eventsdefault" key of the m.room.powerlevels event, defaulting the event default...
CVE-2022-36009
CVE-2022-36009 affects gomatrixserverlib (Matrix federation library) and the Dendrite server. The root cause was incorrect parsing of the m.room.power_levels events_default field, which could cause events to be improperly authorized or rejected in rooms where events_default had been changed. A fi...
CVE-2022-36009 Incorrect parsing of access level in gomatrixserverlib and dendrite
gomatrixserverlib is a Go library for matrix protocol federation. Dendrite is a Matrix homeserver written in Go, an alternative to Synapse. The power level parsing within gomatrixserverlib was failing to parse the "eventsdefault" key of the m.room.powerlevels event, defaulting the event default...
CVE-2022-36009 Incorrect parsing of access level in gomatrixserverlib and dendrite
gomatrixserverlib is a Go library for matrix protocol federation. Dendrite is a Matrix homeserver written in Go, an alternative to Synapse. The power level parsing within gomatrixserverlib was failing to parse the "eventsdefault" key of the m.room.powerlevels event, defaulting the event default...
CVE-2022-36009 Incorrect parsing of access level in gomatrixserverlib and dendrite
gomatrixserverlib is a Go library for matrix protocol federation. Dendrite is a Matrix homeserver written in Go, an alternative to Synapse. The power level parsing within gomatrixserverlib was failing to parse the "eventsdefault" key of the m.room.powerlevels event, defaulting the event default...
PT-2022-23108 · Unknown +1 · Gomatrixserverlib +1
Name of the Vulnerable Software and Affected Versions: Dendrite versions prior to 0.9.3 gomatrixserverlib versions prior to commit 723fd49 Description: The power level parsing within gomatrixserverlib was failing to parse the "events default" key of the m.room.power levels event, defaulting the...
gomatrixserverlib 安全漏洞
gomatrixserverlib is a Go library open-sourced by matrix.org. Used for common functions required by the matrix server. A security vulnerability exists in gomatrixserverlib, which stems from the inability of its power level parsing program to parse the "eventsdefault" keyword of the...