10 matches found
Fedora 37 : matrix-synapse / python-matrix-common / rust-pythonize (2023-c0696d7b53)
The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-c0696d7b53 advisory. Update matrix-synapse to v1.80.0 to fix CVE-2022-39374, CVE-2023-32323 Tenable has extracted the preceding description block directly from the Fedor...
Fedora 37 : matrix-synapse (2023-eb65439ec0)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-eb65439ec0 advisory. Security fix for CVE-2022-39335 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora: Security Advisory for matrix-synapse (FEDORA-2023-eb65439ec0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-synapse-testutils (>=1.65.0.0 <=1.68.0.0) +7 more potentially affected by CVE-2022-39335 via matrix-synapse (>=0.33.9 <=1.68.0)
matrix-synapse PYPI version =0.33.9, =0.1.1, =1.65.0.0, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2022-39335 Source advisory: OSV:PYSEC-2023-65...
CVE-2022-39335
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix Federation API allows remote homeservers to request the authorization events in a room. This is necessary so that a homeserver receiving some events can validate that those events are...
CVE-2022-39335
CVE-2022-39335 affects Synapse (Matrix homeserver). The issue: when a home server answers a query for authorization events via the Federation API, it does not sufficiently verify that the requesting server should access those events. This could enable access to authorization events in a room by u...
CVE-2022-39335 Synapse does not apply enough checks to servers requesting auth events of events in a room
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix Federation API allows remote homeservers to request the authorization events in a room. This is necessary so that a homeserver receiving some events can validate that those events are...
CVE-2022-39335
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix Federation API allows remote homeservers to request the authorization events in a room. This is necessary so that a homeserver receiving some events can validate that those events are...
CVE-2022-39335
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix Federation API allows remote homeservers to request the authorization events in a room. This is necessary so that a homeserver receiving some events can validate that those events are...
matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-synapse-testutils (>=1.65.0.0 <=1.68.0.0) +7 more potentially affected by CVE-2022-39335 via matrix-synapse (>=0.33.9 <=1.68.0)
matrix-synapse PYPI version =0.33.9, =0.1.1, =1.65.0.0, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2022-39335 Source advisory: OSV:GHSA-45CJ-F97F-GGWV...