Lucene search
K

347 matches found

Fedora
Fedora
added 2023/10/24 1:13 a.m.33 views

[SECURITY] Fedora 37 Update: matrix-synapse-1.80.0-7.fc37

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

4.9CVSS5AI score0.01166EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/10/24 12:0 a.m.28 views

Fedora 37 : matrix-synapse (2023-954c2ec5bd)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-954c2ec5bd advisory. Backport fix for CVE-2023-45129 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

4.9CVSS5.3AI score0.01166EPSS
Exploits0References2
Fedora
Fedora
added 2023/10/20 12:42 a.m.46 views

[SECURITY] Fedora 38 Update: matrix-synapse-1.94.0-2.fc38

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

4.9CVSS5AI score0.01166EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/10/20 12:0 a.m.16 views

Fedora: Security Advisory for matrix-synapse (FEDORA-2023-c3c8cc5f8b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.9CVSS5.2AI score0.01166EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.19 views

Fedora 38 : matrix-synapse (2023-c3c8cc5f8b)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-c3c8cc5f8b advisory. Update to v1.94.0 CVE-2023-45129 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

4.9CVSS5.3AI score0.01166EPSS
Exploits0References2
OSV
OSV
added 2023/10/10 9:27 p.m.21 views

GHSA-5CHR-WJW5-3GQ4 matrix-synapse vulnerable to denial of service due to malicious server ACL events

Impact A malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service. Homeservers running on a closed federation which presumably do not need to use server ACLs are not affected. Patches Server administrators are advised to upgrade to...

6.9CVSS4.9AI score0.01166EPSS
Exploits0References11
vulnersOsv
vulnersOsv
added 2023/10/10 9:27 p.m.5 views

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-synapse-testutils (>=1.65.0.0 <=1.93.0.0) +7 more potentially affected by CVE-2023-45129 via matrix-synapse (>=0.33.9 <=1.93.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =1.65.0.0, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2023-45129 Source advisory: OSV:GHSA-5CHR-WJW5-3GQ4...

4.9CVSS5.5AI score0.01166EPSS
Exploits0
Github Security Blog
Github Security Blog
added 2023/10/10 9:27 p.m.39 views

matrix-synapse vulnerable to denial of service due to malicious server ACL events

Impact A malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service. Homeservers running on a closed federation which presumably do not need to use server ACLs are not affected. Patches Server administrators are advised to upgrade to...

4.9CVSS5.4AI score0.01166EPSS
Exploits0References11Affected Software1
vulnersOsv
vulnersOsv
added 2023/10/10 6:15 p.m.6 views

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-synapse-testutils (>=1.65.0.0 <=1.93.0.0) +7 more potentially affected by CVE-2023-45129 via matrix-synapse (>=0.33.9 <=1.93.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =1.65.0.0, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2023-45129 Source advisory: OSV:PYSEC-2023-199...

4.9CVSS5.5AI score0.01166EPSS
Exploits0
Cvelist
Cvelist
added 2023/10/10 5:17 p.m.63 views

CVE-2023-45129 matrix-synapse vulnerable to denial of service due to malicious server ACL events

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Prior to version 1.94.0, a malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service. Homeservers running on a closed federation which...

4.9CVSS5.3AI score0.01166EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.31 views

Matrix Synapse Security Vulnerability

Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the UK. A security vulnerability exists in Matrix Synapse versions prior to 1.94.0 that stems from a malicious server ACL event that can impact server performance and lead to a denial of service DOS...

4.9CVSS6.6AI score0.01166EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2023/10/07 12:0 a.m.21 views

Fedora: Security Advisory for matrix-synapse (FEDORA-2023-84ee781688)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS4.8AI score0.0065EPSS
Exploits0References2
Fedora
Fedora
added 2023/10/06 12:51 a.m.35 views

[SECURITY] Fedora 37 Update: matrix-synapse-1.80.0-6.fc37

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

4.3CVSS4.4AI score0.0065EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/10/06 12:0 a.m.16 views

Fedora: Security Advisory for matrix-synapse (FEDORA-2023-5d980e6aaf)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS4.8AI score0.0065EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.32 views

Fedora 37 : matrix-synapse (2023-5d980e6aaf)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5d980e6aaf advisory. Backport fixes for CVE-2023-41335, CVE-2023-42453 Tenable has extracted the preceding description block directly from the Fedora security advisory...

4.3CVSS6.3AI score0.0065EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/10/06 12:0 a.m.28 views

Fedora 38 : matrix-synapse (2023-84ee781688)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-84ee781688 advisory. Update to v1.93.0 CVE-2023-41335, CVE-2023-42453 Tenable has extracted the preceding description block directly from the Fedora security advisory...

4.3CVSS6.3AI score0.0065EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2023/09/27 3:19 p.m.4 views

matrix-synapse-testutils (>=1.65.0.0 <=1.92.2.0) potentially affected by CVE-2023-42453 via matrix-synapse (>=1.65.0 <=1.92.2)

matrix-synapse PYPI version =1.65.0, =1.65.0.0, =1.92.2.0 Source cves: CVE-2023-42453 Source advisory: OSV:PYSEC-2023-180...

4.3CVSS6.4AI score0.0065EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/09/27 3:19 p.m.5 views

matrix-synapse-testutils (>=1.66.0.0 <=1.92.2.0) potentially affected by CVE-2023-41335 via matrix-synapse (>=1.66.0 <=1.92.2)

matrix-synapse PYPI version =1.66.0, =1.66.0.0, =1.92.2.0 Source cves: CVE-2023-41335 Source advisory: OSV:PYSEC-2023-185...

3.7CVSS6.4AI score0.00362EPSS
Exploits0
PyPA
PyPA
added 2023/09/27 3:19 p.m.6 views

PYSEC-2023-185

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabilities—it already learns the users' passwords as...

3.7CVSS6.9AI score0.00362EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/09/26 8:51 p.m.30 views

CVE-2023-41335 Temporary storage of plaintext passwords during password changes in matrix synapse

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabilities—it already learns the users' passwords as...

3.7CVSS4.8AI score0.00362EPSS
Exploits0References6
Rows per page
Query Builder