Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2020/12/14 12:0 a.m.23 views

FreeBSD : py-matrix-synapse -- DoS on Federation API (cfa0be42-3cd7-11eb-9de7-641c67a117d8)

Matrix developers reports : A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id in the path of a /sendjoin, /sendleave, /invite or /exchangethirdpartyinvite request. This can lead to a denial of service in which future events will...

6.5CVSS7AI score0.02363EPSS
Exploits0References4
Circl
Circl
added 2020/12/09 10:32 p.m.7 views

CVE-2020-26257

creationtimestamp| type| source ---|---|--- 2020-12-09 22:32:43+00:00| seen| https://t.me/cibsecurity/18166 2020-12-09 22:53:09+00:00| seen| https://t.me/cibsecurity/18205 2020-12-09 23:23:11+00:00| seen| https://t.me/cibsecurity/18224 2020-12-09 23:25:39+00:00| seen| https://t.me/cibsecurity/182...

6.5CVSS6.9AI score0.02363EPSS
Exploits0References11
CVE
CVE
added 2020/12/09 6:25 p.m.110 views

CVE-2020-26257

CVE-2020-26257 affects Matrix Synapse, the Matrix homeserver. A malicious or poorly-implemented homeserver can inject malformed events by specifying a different room_id in the path of /send_join, /send_leave, /invite, or /exchange_third_party_invite, leading to a denial of service where future fe...

6.5CVSS6.6AI score0.02363EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2020/12/09 6:25 p.m.29 views

CVE-2020-26257 Denial of service attack via incorrect parameters to federation APIs

Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix. A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id in the path of a /sendjoin, /sendleave, /invit...

6.5CVSS6.4AI score0.02363EPSS
Exploits0References6
Rows per page
Query Builder