4 matches found
FreeBSD : py-matrix-synapse -- DoS on Federation API (cfa0be42-3cd7-11eb-9de7-641c67a117d8)
Matrix developers reports : A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id in the path of a /sendjoin, /sendleave, /invite or /exchangethirdpartyinvite request. This can lead to a denial of service in which future events will...
CVE-2020-26257
creationtimestamp| type| source ---|---|--- 2020-12-09 22:32:43+00:00| seen| https://t.me/cibsecurity/18166 2020-12-09 22:53:09+00:00| seen| https://t.me/cibsecurity/18205 2020-12-09 23:23:11+00:00| seen| https://t.me/cibsecurity/18224 2020-12-09 23:25:39+00:00| seen| https://t.me/cibsecurity/182...
CVE-2020-26257
CVE-2020-26257 affects Matrix Synapse, the Matrix homeserver. A malicious or poorly-implemented homeserver can inject malformed events by specifying a different room_id in the path of /send_join, /send_leave, /invite, or /exchange_third_party_invite, leading to a denial of service where future fe...
CVE-2020-26257 Denial of service attack via incorrect parameters to federation APIs
Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix. A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id in the path of a /sendjoin, /sendleave, /invit...