2 matches found
Fedora 38 : matrix-synapse (2023-84ee781688)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-84ee781688 advisory. Update to v1.93.0 CVE-2023-41335, CVE-2023-42453 Tenable has extracted the preceding description block directly from the Fedora security advisory...
Improper Authorization
Synapse is vulnerable to Improper Authorization. The vulnerability is due to a flaw that allowed users to forge read receipts for any event. The attacker can mark any event as read even if he/she was not in the room...