5 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-41952
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse before 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection...
CVE-2022-41952
Synapse before 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection time. Connections will only be terminated after maxspidersize default: 10M bytes have been downloaded, which can in some cases lead to...
CVE-2022-41952 Uncontrolled Resource Consumption in Matrix Synapse
Synapse before 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection time. Connections will only be terminated after maxspidersize default: 10M bytes have been downloaded, which can in some cases lead to...
CVE-2022-41952
CVE-2022-41952 affects Matrix Synapse up to 1.52.x with URL previews enabled. The issue arises when previewing media stream URLs, as connections are not properly bounded by time or data, potentially causing long-lived connections to streaming servers (e.g., Icecast) and excessive traffic if expos...
CVE-2022-41952 Uncontrolled Resource Consumption in Matrix Synapse
Synapse before 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection time. Connections will only be terminated after maxspidersize default: 10M bytes have been downloaded, which can in some cases lead to...