Lucene search
+L

14 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:39 a.m.4 views

CVE-2024-31208

Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...

6.5CVSS6.7AI score0.01463EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.10 views

Fedora: Security Advisory for rust-pythonize (FEDORA-2024-7be0693731)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01463EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.9 views

Fedora: Security Advisory for rust-pythonize (FEDORA-2024-d408b654d6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01463EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.12 views

Fedora: Security Advisory for rust-pythonize (FEDORA-2024-3ff83cb806)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01463EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.15 views

Fedora: Security Advisory (FEDORA-2024-3ff83cb806)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.01463EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/05/02 12:0 a.m.13 views

Fedora 38 : matrix-synapse / rust-pythonize (2024-7be0693731)

The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-7be0693731 advisory. Update matrix-synapse to v1.105.1 CVE-2024-31208 ---- Update to v1.105.0 Tenable has extracted the preceding description block directly from the Fedora...

6.5CVSS6.5AI score0.01463EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/05/02 12:0 a.m.13 views

Fedora 39 : matrix-synapse / rust-pythonize (2024-d408b654d6)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-d408b654d6 advisory. Update matrix-synapse to v1.105.1 CVE-2024-31208 ---- Update to v1.105.0 Tenable has extracted the preceding description block directly from the Fedora...

6.5CVSS6.5AI score0.01463EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/25 12:0 a.m.21 views

FreeBSD : py-matrix-synapse -- weakness in auth chain indexing allows DoS (bdfa6c04-027a-11ef-9c21-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the bdfa6c04-027a-11ef-9c21-901b0e9408dc advisory. - Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a ro...

6.5CVSS6.4AI score0.01463EPSS
Exploits0References4
NVD
NVD
added 2024/04/23 6:15 p.m.18 views

CVE-2024-31208

Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...

6.5CVSS6.2AI score0.01463EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/04/23 6:15 p.m.34 views

CVE-2024-31208

Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...

6.5CVSS6.6AI score0.01463EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2024/04/23 6:15 p.m.6 views

raiden (>=0.100.2 <=0.100.3rc1) potentially affected by CVE-2024-31208 via matrix-synapse (=0.33.9)

matrix-synapse PYPI version =0.33.9 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-synapse and may be impacted: - raiden =0.100.2, =0.100.3rc1 Source cves: CVE-2024-31208 Source advisory: OSV:PYSEC-2024-50...

6.5CVSS6.5AI score0.01463EPSS
Exploits0
Cvelist
Cvelist
added 2024/04/23 5:26 p.m.56 views

CVE-2024-31208 Synapse's V2 state resolution weakness allows DoS from remote room members

Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...

6.5CVSS6.5AI score0.01463EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/04/23 5:26 p.m.19 views

CVE-2024-31208 Synapse's V2 state resolution weakness allows DoS from remote room members

Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...

6.5CVSS7.2AI score0.01463EPSS
Exploits0References6
CVE
CVE
added 2024/04/23 5:26 p.m.114 views

CVE-2024-31208

CVE-2024-31208 affects Synapse (Matrix homeserver) before 1.105.1. A remote matrix user sharing a room with such servers can dispatch crafted events to exploit the V2 state resolution algorithm, causing high CPU usage and database bloat leading to a denial of service. Impact is limited to servers...

6.5CVSS6.1AI score0.01463EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder