30 matches found
CVE-2019-11340
util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...
CVE-2019-11842
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID...
EUVD-2019-0082
Malware in sbrugna...
EUVD-2022-4932
Malicious code in bioql PyPI...
Matrix Sydent Trust Management Issues Vulnerabilities
Matrix Sydent is an implementation of the Matrix Authentication Server API from the Matrix Foundation in the UK. A trust management issue vulnerability exists in versions of Sydent prior to 2.5.6, which stems from a vulnerability that allows an attacker with privileged access to the network to...
SUSE CVE-2019-11340
util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...
matrix-sydent and matrix-synapse Use Cryptographically Weak PRNG
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID...
GHSA-Q9H8-GPW5-C95C Matrix Sydent mishandles emails
util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...
Matrix Sydent mishandles emails
util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...
Matrix Sydent 输入验证错误漏洞
Matrix Sydent is an implementation of the Matrix Authentication Server API from the Matrix Foundation in the UK. Matrix Sydent suffers from an input validation error vulnerability that stems from the fact that the lack of input validation for certain parameters may lead to overuse of disk space a...
Matrix Sydent 输入验证错误漏洞
Matrix Sydent is an implementation of the Matrix Authentication Server API from the Matrix.org Foundation in the UK. Sydent suffers from a security vulnerability that can be exploited by an attacker to send arbitrary e-mail from a Sydent e-mail address...
Matrix Sydent 资源管理错误漏洞
Matrix Sydent is an implementation of the Matrix Authentication Server API from the Matrix.org Foundation in the UK. Sydent suffers from a resource management error vulnerability that results in memory exhaustion and denial of service...
Matrix Sydent 代码问题漏洞
Matrix Sydent is an implementation of the Matrix Authentication Server API from the Matrix.org Foundation in the UK. Sydent suffers from a security vulnerability that stems from a lack of parameter validation or IP address blacklisting, which could cause Sydent to send HTTP GET requests to intern...
DEBIAN-CVE-2019-11842
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID...
CVE-2019-11842
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID...
CVE-2019-11842
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID...
Authentication flaw
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID...
UBUNTU-CVE-2019-11842
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID...
CVE-2019-11842
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID...
PYSEC-2019-185
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID...