6 matches found
Fedora 38 : matrix-synapse (2023-56760afca8)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-56760afca8 advisory. Update to v1.85.2 ---- Update to v1.85.1 ---- Update to v1.85.0 Fixes CVE-2023-32682, CVE-2023-32683 ---- Update to v1.84.1 Tenable has extracted th...
CVE-2023-32683
Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. A discovered oEmbed or image URL can bypass the urlpreviewurlblacklist setting potentially allowing server side request forgery or bypassing network policies. Impact is limited to IP addresses allowed by the...
matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-synapse-testutils (>=1.65.0.0 <=1.84.1.0) +7 more potentially affected by CVE-2023-32683 via matrix-synapse (>=0.33.9 <=1.84.1)
matrix-synapse PYPI version =0.33.9, =0.1.1, =1.65.0.0, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2023-32683 Source advisory: OSV:PYSEC-2023-85...
CVE-2023-32683 URL deny list bypass via oEmbed and image URLs when generating previews in Synapse
Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. A discovered oEmbed or image URL can bypass the urlpreviewurlblacklist setting potentially allowing server side request forgery or bypassing network policies. Impact is limited to IP addresses allowed by the...
CVE-2023-32683
Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. A discovered oEmbed or image URL can bypass the urlpreviewurlblacklist setting potentially allowing server side request forgery or bypassing network policies. Impact is limited to IP addresses allowed by the...
matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-synapse-testutils (>=1.65.0.0 <=1.84.1.0) +7 more potentially affected by CVE-2023-32683 via matrix-synapse (>=0.33.9 <=1.84.1)
matrix-synapse PYPI version =0.33.9, =0.1.1, =1.65.0.0, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2023-32683 Source advisory: OSV:GHSA-98PX-6486-J7QC...