8 matches found
Fedora 39 : matrix-synapse (2023-4d4c73a8f0)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4d4c73a8f0 advisory. Update to v1.94.0 CVE-2023-45129 ---- Update to v1.93.0 CVE-2023-41335, CVE-2023-42453 Tenable has extracted the preceding description block directl...
Fedora: Security Advisory (FEDORA-2023-4d4c73a8f0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-42453 Improper validation of receipts allows forged read receipts in matrix synapse
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event if they knew the room ID and event ID. Note that the users were not able to view the events, but simply mark it as read. This could be confusing as...
CVE-2023-42453
CVE-2023-42453 affects Synapse (Matrix.org) — a Python/Twisted Matrix homeserver. The vulnerability allows forging read receipts for arbitrary events when the attacker knows the room ID and event ID, without needing to view the events. The consequence is clients may display the event as read by t...
CVE-2023-42453 Improper validation of receipts allows forged read receipts in matrix synapse
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event if they knew the room ID and event ID. Note that the users were not able to view the events, but simply mark it as read. This could be confusing as...
CVE-2023-42453
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event if they knew the room ID and event ID. Note that the users were not able to view the events, but simply mark it as read. This could be confusing as...
CVE-2023-42453
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event if they knew the room ID and event ID. Note that the users were not able to view the events, but simply mark it as read. This could be confusing as...
CVE-2023-42453 Improper validation of receipts allows forged read receipts in matrix synapse
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event if they knew the room ID and event ID. Note that the users were not able to view the events, but simply mark it as read. This could be confusing as...