9 matches found
Fedora: Security Advisory for rust-pythonize (FEDORA-2023-c0696d7b53)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for python-matrix-common (FEDORA-2023-c0696d7b53)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 37 : matrix-synapse / python-matrix-common / rust-pythonize (2023-c0696d7b53)
The remote Fedora 37 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-c0696d7b53 advisory. Update matrix-synapse to v1.80.0 to fix CVE-2022-39374, CVE-2023-32323 Tenable has extracted the preceding description block directly from the Fedor...
SUSE CVE-2023-32323
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. A malicious user on a Synapse homeserver X with permission to create certain state events can disable outbound federation from X to an arbitrary homeserver Y. Synapse instances with federation disable...
CVE-2023-32323
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. A malicious user on a Synapse homeserver X with permission to create certain state events can disable outbound federation from X to an arbitrary homeserver Y. Synapse instances with federation disable...
CVE-2023-32323
CVE-2023-32323 affects the Synapse Matrix homeserver. The issue stems from an unlimited invite_room_state size in versions up to 1.73, enabling a malicious user with state-event permissions to disrupt outbound federation. A fix was introduced in 1.74, which refuses oversized invite_room_state fie...
CVE-2023-32323 Synapse Outgoing federation to specific hosts can be disabled by sending malicious invites
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. A malicious user on a Synapse homeserver X with permission to create certain state events can disable outbound federation from X to an arbitrary homeserver Y. Synapse instances with federation disable...
CVE-2023-32323 Synapse Outgoing federation to specific hosts can be disabled by sending malicious invites
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. A malicious user on a Synapse homeserver X with permission to create certain state events can disable outbound federation from X to an arbitrary homeserver Y. Synapse instances with federation disable...
matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-synapse-testutils (>=1.65.0.0 <=1.73.0.1) +7 more potentially affected by CVE-2023-32323 via matrix-synapse (>=0.33.9 <=1.73.0)
matrix-synapse PYPI version =0.33.9, =0.1.1, =1.65.0.0, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2023-32323 Source advisory: OSV:GHSA-F3WC-3VXV-XMVR...