Lucene search
K

11 matches found

Ubuntu
Ubuntu
added 2023/05/16 7:45 a.m.43 views

USN-6076-1: Synapse vulnerabilities

It was discovered that Synapse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2019-18835, CVE-2018-12291, CVE-2018-10657 It was...

9.8CVSS7.4AI score0.02418EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/16 12:0 a.m.37 views

Ubuntu 18.04 ESM : Synapse vulnerabilities (USN-6076-1)

The remote Ubuntu 18.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6076-1 advisory. It was discovered that Synapse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input...

9.8CVSS7.6AI score0.02418EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.24 views

openSUSE Security Update : matrix-synapse (openSUSE-2019-475)

This update for matrix-synapse fixes the following security issue : - CVE-2018-12291: visibility rules were not applied correctly in the getmissingevents federation API boo1096833 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

7.5CVSS7.4AI score0.01805EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.25 views

Fedora 28 : matrix-synapse / python-prometheus_client (2018-6e759af8fb)

Update to latest Synapse release which fixes CVE-2018-12291 0.31.1 and a second security bug in 0.31.2: https://github.com/matrix-org/synapse/releases/tag/v0.31.2 This update includes a new package which is a dependency introduced by synapse-0.31 Note that Tenable Network Security has extracted t...

7.5CVSS7.4AI score0.01805EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/10/26 12:0 a.m.25 views

openSUSE: Security Advisory for matrix-synapse (openSUSE-SU-2018:1767-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.01805EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/06/24 12:0 a.m.20 views

Fedora Update for matrix-synapse FEDORA-2018-6e759af8fb

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01805EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/06/21 12:0 a.m.25 views

openSUSE Security Update : matrix-synapse (openSUSE-2018-654)

This update for matrix-synapse fixes the following security issue : - CVE-2018-12291: visibility rules were not applied correctly in the getmissingevents federation API boo1096833 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

7.5CVSS7.4AI score0.01805EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/06/13 2:29 p.m.19 views

CVE-2018-12291

The ongetmissingevents function in handlers/federation.py in Matrix Synapse before 0.31.1 has a security bug in the getmissingevents federation API where event visibility rules were not applied correctly...

7.5CVSS7.1AI score0.01805EPSS
Exploits0References4
CVE
CVE
added 2018/06/13 2:0 p.m.61 views

CVE-2018-12291

Summary: Matrix Synapse before 0.31.1 has a bug in on_get_missing_events ( federation.py ) where event visibility rules were not applied correctly in get_missing_events, potentially exposing incorrect events. Impact: as described in multiple advisories; CVE-2018-12291. Remediation: upgrade to Syn...

7.5CVSS7.4AI score0.01805EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/06/13 2:0 p.m.40 views

CVE-2018-12291

The ongetmissingevents function in handlers/federation.py in Matrix Synapse before 0.31.1 has a security bug in the getmissingevents federation API where event visibility rules were not applied correctly...

7.5AI score0.01805EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2018/06/13 2:0 p.m.31 views

CVE-2018-12291

The ongetmissingevents function in handlers/federation.py in Matrix Synapse before 0.31.1 has a security bug in the getmissingevents federation API where event visibility rules were not applied correctly...

7.5CVSS7.7AI score0.01805EPSS
Exploits0
Rows per page
Query Builder