14 matches found
CVE-2024-31208
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...
Fedora: Security Advisory for rust-pythonize (FEDORA-2024-7be0693731)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for rust-pythonize (FEDORA-2024-d408b654d6)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for rust-pythonize (FEDORA-2024-3ff83cb806)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-3ff83cb806)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 38 : matrix-synapse / rust-pythonize (2024-7be0693731)
The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-7be0693731 advisory. Update matrix-synapse to v1.105.1 CVE-2024-31208 ---- Update to v1.105.0 Tenable has extracted the preceding description block directly from the Fedora...
Fedora 39 : matrix-synapse / rust-pythonize (2024-d408b654d6)
The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-d408b654d6 advisory. Update matrix-synapse to v1.105.1 CVE-2024-31208 ---- Update to v1.105.0 Tenable has extracted the preceding description block directly from the Fedora...
FreeBSD : py-matrix-synapse -- weakness in auth chain indexing allows DoS (bdfa6c04-027a-11ef-9c21-901b0e9408dc)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the bdfa6c04-027a-11ef-9c21-901b0e9408dc advisory. - Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a ro...
CVE-2024-31208
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...
CVE-2024-31208
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...
raiden (>=0.100.2 <=0.100.3rc1) potentially affected by CVE-2024-31208 via matrix-synapse (=0.33.9)
matrix-synapse PYPI version =0.33.9 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-synapse and may be impacted: - raiden =0.100.2, =0.100.3rc1 Source cves: CVE-2024-31208 Source advisory: OSV:PYSEC-2024-50...
CVE-2024-31208 Synapse's V2 state resolution weakness allows DoS from remote room members
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...
CVE-2024-31208 Synapse's V2 state resolution weakness allows DoS from remote room members
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...
CVE-2024-31208
CVE-2024-31208 affects Synapse (Matrix homeserver) before 1.105.1. A remote matrix user sharing a room with such servers can dispatch crafted events to exploit the V2 state resolution algorithm, causing high CPU usage and database bloat leading to a denial of service. Impact is limited to servers...