org.jenkins-ci.plugins:azure-ad (>=378.380.v545b_1154b_3fb_ <=457.vf85d61f83b_26), org.openshift.jenkins:openshift-login (>=1.1.0.227.v27e08dfb_1a_20 <=1.1.0.248.v1908df5c4f5e) potentially affected by CVE-2026-42521 via org.jenkins-ci.plugins:matrix-auth (>=3.1.10 <=3.2.1)

org.jenkins-ci.plugins:matrix-auth MAVEN version =3.1.10, =378.380.v545b1154b3fb, =1.1.0.227.v27e08dfb1a20, =1.1.0.248.v1908df5c4f5e Source cves: CVE-2026-42521 Source advisory: SNYK:JAVA-ORGJENKINSCIPLUGINS-16322871...

CVE-2025-62425

MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...

CVE-2025-62425

MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...

EUVD-2025-34822

MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...

CVE-2025-62425

MAS (Matrix Authentication Service) is affected by a logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 that lets an attacker with access to an authenticated MAS session perform sensitive operations without entering the current password (e.g., changing the password, adding/removing ...

CVE-2025-62425 Matrix Authentication Service account password can be changed using an authenticated session without supplying the current password

MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...

CVE-2025-62425 Matrix Authentication Service account password can be changed using an authenticated session without supplying the current password

MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...

CVE-2025-62425 Matrix Authentication Service account password can be changed using an authenticated session without supplying the current password

MAS Matrix Authentication Service is a user management and authentication service for Matrix homeservers, written and maintained by Element. A logic flaw in matrix-authentication-service 0.20.0 through 1.4.0 allows an attacker with access to an authenticated MAS session to perform sensitive...

Matrix Authentication Service 安全漏洞

Matrix Authentication Service is a user management and authentication system from Element Open Source. A security vulnerability exists in Matrix Authentication Service versions 0.20.0 through 1.4.0, which stems from a logic flaw that could allow an attacker to perform sensitive operations without...

com.joelj.jenkins:ez-templates (=1.0.5), com.synopsys.jenkinsci:ownership (>=0.9.0 <=0.13.0) +12 more potentially affected by CVE-2021-21623 via org.jenkins-ci.plugins:matrix-auth (>=1.0 <=1.7)

org.jenkins-ci.plugins:matrix-auth MAVEN version =1.0, =0.9.0, =0.34, =1.535, =1.645, =0.1.1, =1.0, =2.4.0, =1.0-beta.2, =1.0, =2.0.0, =0.1, =1.0.21 Source cves: CVE-2021-21623 Source advisory: OSV:GHSA-96JW-3XW4-MQ9P...

com.joelj.jenkins:ez-templates (=1.0.5), com.synopsys.jenkinsci:ownership (>=0.9.0 <=0.13.0) +12 more potentially affected by CVE-2020-2226 via org.jenkins-ci.plugins:matrix-auth (>=1.0 <=1.7)

org.jenkins-ci.plugins:matrix-auth MAVEN version =1.0, =0.9.0, =0.34, =1.535, =1.645, =0.1.1, =1.0, =2.4.0, =1.0-beta.2, =1.0, =2.0.0, =0.1, =1.0.21 Source cves: CVE-2020-2226 Source advisory: OSV:GHSA-VR6V-WJFW-RXCR...

Matrix Sydent 资源管理错误漏洞

Matrix Sydent is an implementation of the Matrix Authentication Server API from the Matrix.org Foundation in the UK. Sydent suffers from a resource management error vulnerability that results in memory exhaustion and denial of service...