Matrix Synapse 输入验证错误漏洞

Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the UK. A security vulnerability was previously present in Synapse version 1.28.0, which stemmed from Synapse's lack of input validation of certain parameters used to validate third-party identifiers on...

Matrix Synapse 输入验证错误漏洞

Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the UK. A security vulnerability was previously present in Synapse version 1.28.0, which stemmed from Synapse's lack of input validation of certain parameters used to validate third-party identifiers on...

CVE-2021-29936

An issue was discovered in the adtensor crate through 2021-01-11 for Rust. There is a drop of uninitialized memory via the FromIterator implementation for Vector and Matrix...

Information disclosure

An issue was discovered in the adtensor crate through 2021-01-11 for Rust. There is a drop of uninitialized memory via the FromIterator implementation for Vector and Matrix...

CVE-2021-29936

CVE-2021-29936 affects the adtensor crate for Rust. The FromIterator implementation for Vector and Matrix can drop uninitialized memory, due to its allocation logic, constituting a memory-safety issue. NVD metrics list a high/critical impact (CVSS v3.1: 9.8) with network access requirements. The ...

CVE-2021-29936

An issue was discovered in the adtensor crate through 2021-01-11 for Rust. There is a drop of uninitialized memory via the FromIterator implementation for Vector and Matrix...

Matrix Synapse Cross-Site Scripting Vulnerability (CNVD-2021-24348)

Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the UK. A cross-site scripting vulnerability exists in Matrix Synapse versions prior to 1.27.0, which can be exploited by attackers to access cookies and other browser data...

HTML Injection

matrix-synapse is vulnerable to HTML injection. Lack of output sanitization of the notification emails that are sent for notifications for missed messages or for an expiring account allows an attacker to inject and execute arbitrary HTML code in a user's browser...

CVE-2021-21332

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the password reset endpoint served via Synapse was vulnerable to cross-site scripting XSS attacks. The...

CVE-2021-21333

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the notification emails sent for notifications for missed messages or for an expiring account are subject...

CVE-2021-21333

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the notification emails sent for notifications for missed messages or for an expiring account are subject...

CVE-2021-21332

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the password reset endpoint served via Synapse was vulnerable to cross-site scripting XSS attacks. The...

CVE-2021-21332

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the password reset endpoint served via Synapse was vulnerable to cross-site scripting XSS attacks. The...

Cross site scripting

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the password reset endpoint served via Synapse was vulnerable to cross-site scripting XSS attacks. The...

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-temp-mail-checker (>=0.1.2 <=0.1.5) +6 more potentially affected by CVE-2021-21333 via matrix-synapse (>=0.33.9 <=1.153.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2021-21333 Source advisory: OSV:PYSEC-2021-134...

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-temp-mail-checker (>=0.1.2 <=0.1.5) +6 more potentially affected by CVE-2021-21332 via matrix-synapse (>=0.33.9 <=1.153.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2021-21332 Source advisory: OSV:PYSEC-2021-133...

CVE-2021-21333

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the notification emails sent for notifications for missed messages or for an expiring account are subject...

Design/Logic Flaw

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the notification emails sent for notifications for missed messages or for an expiring account are subject...

UBUNTU-CVE-2021-21333

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the notification emails sent for notifications for missed messages or for an expiring account are subject...

PYSEC-2021-134

Synapse is a Matrix reference homeserver written in python pypi package matrix-synapse. Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the notification emails sent for notifications for missed messages or for an expiring account are subject...