OPENSUSE-SU-2026:10898-1 matrix-synapse-1.153.0-2.1 on GA media

These are all security issues fixed in the matrix-synapse-1.153.0-2.1 package on the GA media of openSUSE Tumbleweed...

Improper Check for Unusual or Exceptional Conditions

Overview matrix-synapse is an ecosystem for open federated Instant Messaging and VoIP. Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the pagination process for federated rooms. An attacker can cause clients to fail to display room...

raiden (>=0.100.2 <=0.100.3rc1) potentially affected by CVE-2026-45076 via matrix-synapse (=0.33.9)

matrix-synapse PYPI version =0.33.9 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-synapse and may be impacted: - raiden =0.100.2, =0.100.3rc1 Source cves: CVE-2026-45076 Source advisory: OSV:GHSA-6QF2-7X63-MM6V...

raiden (>=0.100.2 <=0.100.3rc1) potentially affected by CVE-2026-45078 via matrix-synapse (=0.33.9)

matrix-synapse PYPI version =0.33.9 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-synapse and may be impacted: - raiden =0.100.2, =0.100.3rc1 Source cves: CVE-2026-45078 Source advisory: OSV:GHSA-8Q93-326V-3M7G...

Asymmetric Resource Consumption (Amplification)

Overview matrix-synapse is an ecosystem for open federated Instant Messaging and VoIP. Affected versions of this package are vulnerable to Asymmetric Resource Consumption Amplification through the handling of authenticated user requests. An attacker can exhaust CPU resources and cause service...

Fedora 43 : matrix-synapse / rust-pythonize (2026-151bfcc2af)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2026-151bfcc2af advisory. Update matrix-synapse to v1.147.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora: Security Advisory (FEDORA-2026-151bfcc2af)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2026:10196-1 matrix-synapse-1.147.1-1.1 on GA media

These are all security issues fixed in the matrix-synapse-1.147.1-1.1 package on the GA media of openSUSE Tumbleweed...

Improper Validation of Specified Type of Input

Overview matrix-synapse is an ecosystem for open federated Instant Messaging and VoIP. Affected versions of this package are vulnerable to Improper Validation of Specified Type of Input due to insufficient validation of device keys. An attacker can disrupt federation functionality and unpredictab...

raiden (>=0.100.2 <=0.100.3rc1) potentially affected by CVE-2025-61672 via matrix-synapse (=0.33.9)

matrix-synapse PYPI version =0.33.9 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-synapse and may be impacted: - raiden =0.100.2, =0.100.3rc1 Source cves: CVE-2025-61672 Source advisory: OSV:GHSA-FH66-FCV5-JJFR...

CVE-2025-61672

Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in Synapse 1.139.0 allow an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeserver...

matrix-synapse-1.139.1-1.1 on GA media (moderate)

matrix-synapse-1.139.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:15603-1 Rating: moderate Cross-References: CVE-2025-61672 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

EUVD-2019-0083

Malware in sbrugna...

EUVD-2020-0107

Malware in sbrugna...

EUVD-2020-0108

Malware in sbrugna...

EUVD-2019-0084

Malware in sbrugna...

OPENSUSE-SU-2025:15603-1 matrix-synapse-1.139.1-1.1 on GA media

These are all security issues fixed in the matrix-synapse-1.139.1-1.1 package on the GA media of openSUSE Tumbleweed...

EUVD-2022-5320

Malicious code in bioql PyPI...

EUVD-2022-3811

Malicious code in bioql PyPI...

EUVD-2022-5380

Malicious code in bioql PyPI...