14 matches found
Personal AI Infrastructure 5.0.0
PAI is a Personalized AI Platform designed to magnify your capabilities. It's designed for humans most of all, but can be used by teams, companies, or Federations of Planets desiring to be better versions of themselves. The goal of the project is to get people working with AI and lower the bar...
ALSA-2025:21628 Critical: lasso security update
The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign-On standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of SAML-based federations and provides bindings for multiple languages. Security Fixes: lasso: Type...
OESA-2025-2666 lasso security update
The package is a implements the Liberty Alliance Single Sign On standards library, includeing the SAML2 and SAML specifications. it provides bindings for multiple languages.and allows to handle the whole life-cycle of SAML based Federations. Security Fixes: A denial of service vulnerability exist...
Malicious code in @maas-tools/module-federations (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5e9c4333709afd9ae69fb0ff8f280d123046790364d12ab0a22192bd1339bfff The OpenSSF Package Analysis project identified '@maas-tools/module-federations' @ 3.0.11 npm as malicious. It is considered malicious because: ...
MAL-2024-8737 Malicious code in @maas-tools/module-federations (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5e9c4333709afd9ae69fb0ff8f280d123046790364d12ab0a22192bd1339bfff The OpenSSF Package Analysis project identified '@maas-tools/module-federations' @ 3.0.11 npm as malicious. It is considered malicious because: ...
GHSA-F83W-WQHC-CFP4 Matrix SDK for React's URL preview setting for a room is controllable by the homeserver
Impact A malicious homeserver could manipulate a user's account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. Even if the CVSS score would be 4.1 AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N the...
DEBIAN-CVE-2024-31208
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...
CVE-2024-31208
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...
PYSEC-2024-50
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...
UBUNTU-CVE-2024-31208
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...
CVE-2024-31208
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...
CVE-2024-31208
CVE-2024-31208 affects Synapse (Matrix homeserver) before 1.105.1. A remote matrix user sharing a room with such servers can dispatch crafted events to exploit the V2 state resolution algorithm, causing high CPU usage and database bloat leading to a denial of service. Impact is limited to servers...
[SECURITY] Fedora 33 Update: lasso-2.7.0-1.fc33
Lasso is a library that implements the Liberty Alliance Single Sign On standards, including the SAML and SAML2 specifications. It allows to handle the whole life-cycle of SAML based Federations, and provides bindings for multiple languages...
[SECURITY] Fedora 21 Update: lasso-2.4.1-1.fc21
Lasso is a library that implements the Liberty Alliance Single Sign On standards, including the SAML and SAML2 specifications. It allows to handle the whole life-cycle of SAML based Federations, and provides bindings for multiple languages...