Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/02/05 7:33 p.m.11 views

CVE-2022-39200

Dendrite is a Matrix homeserver written in Go. In affected versions events retrieved from a remote homeserver using the /getmissingevents path did not have their signatures verified correctly. This could potentially allow a remote homeserver to provide invalid/modified events to Dendrite via this...

7.3CVSS6.7AI score0.00307EPSS
Exploits0References1
nvd
nvd
added 2022/09/12 8:15 p.m.16 views

CVE-2022-39200

Dendrite is a Matrix homeserver written in Go. In affected versions events retrieved from a remote homeserver using the /getmissingevents path did not have their signatures verified correctly. This could potentially allow a remote homeserver to provide invalid/modified events to Dendrite via this...

7.3CVSS0.00307EPSS
Exploits0References2
cve
cve
added 2022/09/12 8:10 p.m.101 views

CVE-2022-39200

Dendrite (Matrix homeserver, Go) had a vulnerability where events fetched from a remote server via /get_missing_events were not verified for signatures. This could allow a remote homeserver to provide invalid/modified events to Dendrite through that endpoint. Other endpoints such as /event or /st...

7.3CVSS6.1AI score0.00307EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2022/09/12 8:10 p.m.63 views

CVE-2022-39200 Signature checks not applied to some retrieved missing events

Dendrite is a Matrix homeserver written in Go. In affected versions events retrieved from a remote homeserver using the /getmissingevents path did not have their signatures verified correctly. This could potentially allow a remote homeserver to provide invalid/modified events to Dendrite via this...

7.3CVSS7.2AI score0.00307EPSS
Exploits0References2
cvelist
cvelist
added 2022/09/12 8:10 p.m.20 views

CVE-2022-39200 Signature checks not applied to some retrieved missing events

Dendrite is a Matrix homeserver written in Go. In affected versions events retrieved from a remote homeserver using the /getmissingevents path did not have their signatures verified correctly. This could potentially allow a remote homeserver to provide invalid/modified events to Dendrite via this...

7.3CVSS7.4AI score0.00307EPSS
Exploits0References2
Rows per page
Query Builder