Lucene search
K

6 matches found

Circl
Circl
added 2025/01/16 8:15 p.m.7 views

CVE-2024-36403

creationtimestamp| type| source ---|---|--- 2025-01-16 20:15:57+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv3v5clqq2b...

7.5CVSS6.8AI score0.00675EPSS
Exploits0References1
NVD
NVD
added 2025/01/16 8:15 p.m.7 views

CVE-2024-36403

Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. MMR before version 1.3.5 is vulnerable to unbounded disk consumption, where an unauthenticated adversary can induce it to download and cache large amounts of remote media files. MMR's typical operating...

7.5CVSS0.00675EPSS
Exploits0References2
OSV
OSV
added 2025/01/16 7:16 p.m.7 views

CVE-2024-36403 Denial of service/high operating costs through unauthenticated downloads in Matrix Media Repo

Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. MMR before version 1.3.5 is vulnerable to unbounded disk consumption, where an unauthenticated adversary can induce it to download and cache large amounts of remote media files. MMR's typical operating...

5.3CVSS7AI score0.00675EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/01/16 7:16 p.m.14 views

CVE-2024-36403 Denial of service/high operating costs through unauthenticated downloads in Matrix Media Repo

Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. MMR before version 1.3.5 is vulnerable to unbounded disk consumption, where an unauthenticated adversary can induce it to download and cache large amounts of remote media files. MMR's typical operating...

5.3CVSS0.00675EPSS
Exploits0References2
CVE
CVE
added 2025/01/16 7:16 p.m.57 views

CVE-2024-36403

CVE-2024-36403 affects Matrix Media Repo (MMR) before 1.3.5. An unauthenticated attacker can cause unbounded disk consumption by triggering MMR to download and cache large volumes of remote media. Deployments using file-backed storage or self-hosted S3 storage are vulnerable to a disk-fill denial...

7.5CVSS5.5AI score0.00675EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/16 7:16 p.m.5 views

CVE-2024-36403 Denial of service/high operating costs through unauthenticated downloads in Matrix Media Repo

Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. MMR before version 1.3.5 is vulnerable to unbounded disk consumption, where an unauthenticated adversary can induce it to download and cache large amounts of remote media files. MMR's typical operating...

5.3CVSS5.8AI score0.00675EPSS
Exploits0References2
Rows per page
Query Builder