3 matches found
DEBIAN-CVE-2019-18835
Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...
PYSEC-2019-186
Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...
PT-2019-15690 · Matrix +2 · Matrix Synapse +2
Name of the Vulnerable Software and Affected Versions: Matrix Synapse versions prior to 1.5.0 Description: The issue concerns the mishandling of signature checking on some federation APIs. Events sent over "/send join", "/send leave", and "/invite" API endpoints may not be correctly signed, or ma...