Lucene search
K

6 matches found

Circl
Circl
added 2025/01/16 8:16 p.m.6 views

CVE-2024-56515

creationtimestamp| type| source ---|---|--- 2025-01-16 20:16:10+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv3vjtn5y2n...

6.8CVSS6.6AI score0.00618EPSS
Exploits0References1
NVD
NVD
added 2025/01/16 8:15 p.m.9 views

CVE-2024-56515

Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. If SVG or JPEGXL thumbnailers are enabled they are disabled by default, a user may upload a file which claims to be either of these types and request a thumbnail to invoke a different decoder in...

6.8CVSS0.00618EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/16 7:11 p.m.12 views

CVE-2024-56515 Untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders in Matrix Media Repo

Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. If SVG or JPEGXL thumbnailers are enabled they are disabled by default, a user may upload a file which claims to be either of these types and request a thumbnail to invoke a different decoder in...

6.8CVSS0.00618EPSS
Exploits0References2
CVE
CVE
added 2025/01/16 7:11 p.m.57 views

CVE-2024-56515

CVE-2024-56515 affects Matrix Media Repo (MMR). The issue arises when enabling SVG/JPEGXL/MP4 thumbnailers may allow a crafted upload to trigger a decoder in ImageMagick or ffmpeg, potentially leading to code execution in some environments. MMR v1.3.8 fixes the problem by validating media mimetyp...

6.8CVSS6.8AI score0.00618EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/16 7:11 p.m.7 views

CVE-2024-56515 Untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders in Matrix Media Repo

Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. If SVG or JPEGXL thumbnailers are enabled they are disabled by default, a user may upload a file which claims to be either of these types and request a thumbnail to invoke a different decoder in...

6.8CVSS7.1AI score0.00618EPSS
Exploits0References2
OSV
OSV
added 2025/01/16 7:11 p.m.4 views

CVE-2024-56515 Untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders in Matrix Media Repo

Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. If SVG or JPEGXL thumbnailers are enabled they are disabled by default, a user may upload a file which claims to be either of these types and request a thumbnail to invoke a different decoder in...

6.8CVSS6.8AI score0.00618EPSS
Exploits0References4
Rows per page
Query Builder