Lucene search
+L

5 matches found

vulnersOsv
vulnersOsv
added 2024/12/03 5:15 p.m.8 views

raiden (>=0.100.2 <=0.100.3rc1) potentially affected by CVE-2024-37303 via matrix-synapse (=0.33.9)

matrix-synapse PYPI version =0.33.9 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-synapse and may be impacted: - raiden =0.100.2, =0.100.3rc1 Source cves: CVE-2024-37303 Source advisory: OSV:PYSEC-2024-287...

5.3CVSS6.5AI score0.00419EPSS
Exploits0
Cvelist
Cvelist
added 2024/12/03 5:6 p.m.19 views

CVE-2024-37303 Synapse unauthenticated writes to the media repository allow planting of problematic content

Synapse is an open-source Matrix homeserver. Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the...

5.3CVSS0.00419EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/12/03 5:6 p.m.19 views

CVE-2024-37303 Synapse unauthenticated writes to the media repository allow planting of problematic content

Synapse is an open-source Matrix homeserver. Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the...

5.3CVSS7AI score0.00419EPSS
Exploits0References2
OSV
OSV
added 2024/12/03 5:6 p.m.9 views

CVE-2024-37303 Synapse unauthenticated writes to the media repository allow planting of problematic content

Synapse is an open-source Matrix homeserver. Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the...

5.3CVSS6AI score0.00419EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2024/12/03 5:6 p.m.30 views

CVE-2024-37303

Synapse is an open-source Matrix homeserver. Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the...

5.3CVSS7.4AI score0.00419EPSS
Exploits0
Rows per page
Query Builder