3662 matches found
CVE-2022-34788
Summary (CVE-2022-34788) : The vulnerability affects the Jenkins Matrix Reloaded Plugin
Jenkins Plugin Matrix Reloaded 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins Matrix Reloaded Plugin version 1.1...
Jenkins Plugin Matrix Reloaded 跨站脚本漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exist...
Matrix Synapse Denial of Service Vulnerability (CNVD-2022-60674)
Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the U.K. A denial of service vulnerability exists in versions of Matrix Synapse prior to 1.61.1, which stems from infinite recursion, where URL previews of certain web pages may exhaust the available stack...
PT-2022-22340 · Jenkins · Jenkins Matrix Reloaded Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Matrix Reloaded Plugin versions 1.1.3 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to rebuild previous matrix builds. This issue arises because the plugin does not require POST requests for...
matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-temp-mail-checker (>=0.1.2 <=0.1.5) +6 more potentially affected by CVE-2022-31052 via matrix-synapse (>=0.33.9 <=1.153.0)
matrix-synapse PYPI version =0.33.9, =0.1.1, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2022-31052 Source advisory: OSV:GHSA-22P3-QRH9-CX32...
FreeBSD : py-matrix-synapse -- unbounded recursion in urlpreview (07c0d782-f758-11ec-acaa-901b0e9408dc)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 07c0d782-f758-11ec-acaa-901b0e9408dc advisory. - Synapse is an open source home server implementation for the Matrix chat network. In versions prior t...
DEBIAN-CVE-2022-31052
Synapse is an open source home server implementation for the Matrix chat network. In versions prior to 1.61.1 URL previews of some web pages can exhaust the available stack space for the Synapse process due to unbounded recursion. This is sometimes recoverable and leads to an error for the reques...
matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-temp-mail-checker (>=0.1.2 <=0.1.5) +6 more potentially affected by CVE-2022-31052 via matrix-synapse (>=0.33.9 <=1.153.0)
matrix-synapse PYPI version =0.33.9, =0.1.1, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2022-31052 Source advisory: OSV:PYSEC-2022-224...
UBUNTU-CVE-2022-31052
Synapse is an open source home server implementation for the Matrix chat network. In versions prior to 1.61.1 URL previews of some web pages can exhaust the available stack space for the Synapse process due to unbounded recursion. This is sometimes recoverable and leads to an error for the reques...
CVE-2022-31052
CVE-2022-31052 affects Synapse (Matrix homeserver). In versions before 1.61.1, URL previews for some web pages can cause unbounded recursion, exhausting stack space and potentially crashing the Synapse process. Remote users can exploit via URL previews that clients auto-request, but the URL previ...
CVE-2022-31052
Synapse is an open source home server implementation for the Matrix chat network. In versions prior to 1.61.1 URL previews of some web pages can exhaust the available stack space for the Synapse process due to unbounded recursion. This is sometimes recoverable and leads to an error for the reques...
CVE-2022-31052 URL previews can crash Synapse media repositories or Synapse monoliths
Synapse is an open source home server implementation for the Matrix chat network. In versions prior to 1.61.1 URL previews of some web pages can exhaust the available stack space for the Synapse process due to unbounded recursion. This is sometimes recoverable and leads to an error for the reques...
Matrix Synapse 安全漏洞
Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the U.K. A denial of service vulnerability exists in versions of Matrix Synapse prior to 1.61.1, which stems from infinite recursion, where URL previews of certain web pages may exhaust the available stack...
py-matrix-synapse -- unbounded recursion in urlpreview
Matrix developers report: This release fixes a vulnerability with Synapse's URL preview feature. URL previews of some web pages can lead to unbounded recursion, causing the request to either fail, or in some cases crash the running Synapse process. Note that: Homeservers with the urlpreviewenable...
Huawei MindSpore Community 缓冲区错误漏洞
Huawei MindSpore Community is an open source deep learning framework from Huawei, China. Huawei MindSpore Community suffers from an information disclosure vulnerability that stems from accessing a shape allocated from the heap buffer if the input shape size is 0 when performing inferred shape...
A Man of Action: Meet Callum Carney
Hidden Talents: He was a competitive swimmer for many years. Instrument of Choice: His fingers were made for the keyboard, but he used to play the trumpet. 5 pieces of entertainment for the rest of his life: The Office, World War Z, The Matrix, Breaking Bad, The Thick of It. Favorite non-profit:...
A Man of Action: Meet Callum Carney
Hidden Talents : He was a competitive swimmer for many years. Instrument of Choice : His fingers were made for the keyboard, but he used to play the trumpet. 5 pieces of entertainment for the rest of his life : The Office, World War Z, The Matrix, Breaking Bad, The Thick of It...
A Man of Action: Meet Callum Carney
Hidden Talents : He was a competitive swimmer for many years. Instrument of Choice : His fingers were made for the keyboard, but he used to play the trumpet. 5 pieces of entertainment for the rest of his life : The Office, World War Z, The Matrix, Breaking Bad, The Thick of It...
Trellix Global Defenders: Follina — Microsoft Office Zero-Day (CVE-2022-30190)
Trellix Global Defenders: Follina — Microsoft Office Zero-Day CVE-2022-30190 By Taylor Mullins, Robin Noyce, Benjamin Marandel · June 3, 2022 Trellix is continuing to monitor the threat activity associated with the Microsoft Office Zero-Day vulnerability that has been dubbed “Follina.”...