Lucene search
K

14 matches found

Ubuntu
Ubuntu
added 2023/05/16 7:45 a.m.43 views

USN-6076-1: Synapse vulnerabilities

It was discovered that Synapse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2019-18835, CVE-2018-12291, CVE-2018-10657 It was...

9.8CVSS7.4AI score0.02418EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/16 12:0 a.m.37 views

Ubuntu 18.04 ESM : Synapse vulnerabilities (USN-6076-1)

The remote Ubuntu 18.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6076-1 advisory. It was discovered that Synapse incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input...

9.8CVSS7.6AI score0.02418EPSS
Exploits0References8
vulnersOsv
vulnersOsv
added 2022/05/13 1:8 a.m.2 views

raiden (>=0.100.2 <=0.100.3rc1) potentially affected by CVE-2019-5885 via matrix-synapse (=0.33.9)

matrix-synapse PYPI version =0.33.9 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-synapse and may be impacted: - raiden =0.100.2, =0.100.3rc1 Source cves: CVE-2019-5885 Source advisory: OSV:GHSA-JRQM-V8CV-53WW...

7.5CVSS7.1AI score0.02418EPSS
Exploits0
OSV
OSV
added 2019/03/21 4:1 p.m.14 views

CVE-2019-5885

Matrix Synapse before 0.34.0.1, when the macaroonsecretkey authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users...

7.5CVSS7.6AI score0.02418EPSS
Exploits0References4
NVD
NVD
added 2019/03/21 4:1 p.m.17 views

CVE-2019-5885

Matrix Synapse before 0.34.0.1, when the macaroonsecretkey authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users...

7.5CVSS7.6AI score0.02418EPSS
Exploits0References4
OSV
OSV
added 2019/03/21 4:1 p.m.4 views

UBUNTU-CVE-2019-5885

Matrix Synapse before 0.34.0.1, when the macaroonsecretkey authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users...

7.5CVSS7.2AI score0.02418EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2019/03/21 4:1 p.m.24 views

CVE-2019-5885

Matrix Synapse before 0.34.0.1, when the macaroonsecretkey authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users...

7.5CVSS7.2AI score0.02418EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/03/19 5:59 p.m.27 views

CVE-2019-5885

Matrix Synapse before 0.34.0.1, when the macaroonsecretkey authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users...

7.6AI score0.02418EPSS
Exploits0References4
CVE
CVE
added 2019/03/19 5:59 p.m.83 views

CVE-2019-5885

CVE-2019-5885 affects Matrix Synapse prior to 0.34.0.1. When the macaroon_secret_key parameter is not set, a predictable value is used to derive a secret key (and other secrets), which could allow remote attackers to impersonate users. The issue is documented across multiple sources (including a ...

7.5CVSS7.5AI score0.02418EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2019/03/19 5:59 p.m.22 views

CVE-2019-5885

Matrix Synapse before 0.34.0.1, when the macaroonsecretkey authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users...

7.5CVSS7.7AI score0.02418EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/01/23 12:0 a.m.27 views

Fedora 28 : matrix-synapse (2019-c6044b3fce)

Fix for CVE-2019-5885 Upgrade notes available at https://github.com/matrix-org/synapse/blob/v0.34.0/UPGRADE.rstupgradi ng-to-v0340 - Note this continues to use Python 2. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...

7.5CVSS7.4AI score0.02418EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2019/01/23 12:0 a.m.27 views

Fedora 29 : matrix-synapse (2019-4d914f9257)

Fix for CVE-2019-5885 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security,...

7.5CVSS7.4AI score0.02418EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/01/16 12:0 a.m.37 views

FreeBSD : py-matrix-synapse -- undisclosed vulnerability (383931ba-1818-11e9-92ea-448a5b29e8a9)

Matrix developers report : The matrix team announces the availablility of synapse security releases 0.34.0.1 and 0.34.1.1, fixing CVE-2019-5885. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright...

7.5CVSS7.5AI score0.02418EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2019/01/10 12:0 a.m.28 views

py-matrix-synapse -- undisclosed vulnerability

Matrix developers report: The matrix team announces the availablility of synapse security releases 0.34.0.1 and 0.34.1.1, fixing CVE-2019-5885...

7.5CVSS2.4AI score0.02418EPSS
Exploits0References1
Rows per page
Query Builder