6 matches found
USN-6076-1: Synapse vulnerabilities
It was discovered that Synapse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2019-18835, CVE-2018-12291, CVE-2018-10657 It was...
Ubuntu 18.04 ESM : Synapse vulnerabilities (USN-6076-1)
The remote Ubuntu 18.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6076-1 advisory. It was discovered that Synapse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input...
Fedora 28 : matrix-synapse (2018-f513267ac5)
Update to latest upstream Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
CVE-2018-10657
Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federationbase.py and handlers/message.py, as exploited in the wild in April 2018...
CVE-2018-10657
Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federationbase.py and handlers/message.py, as exploited in the wild in April 2018...
CVE-2018-10657
Matrix Synapse before 0.28.1 is vulnerable to a denial-of-service (DoS) flaw triggered by specially crafted events with depth = 2^63 − 1, rendering rooms unusable. The issue is tied to federation/federation_base.py and handlers/message.py. Exploitation was observed in the wild in April 2018. Reme...