Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:11 a.m.6 views

CVE-2019-11340

util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...

5.9CVSS6.7AI score0.01861EPSS
Exploits0References1
OSV
OSV
added 2022/05/24 4:43 p.m.28 views

GHSA-Q9H8-GPW5-C95C Matrix Sydent mishandles emails

util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...

5.9CVSS6.4AI score0.01861EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/05/24 4:43 p.m.30 views

Matrix Sydent mishandles emails

util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...

5.9CVSS6.9AI score0.01861EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2019/04/19 2:29 p.m.22 views

CVE-2019-11340

util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...

5.9CVSS6.5AI score0.01861EPSS
Exploits0References4
CVE
CVE
added 2019/04/19 1:35 p.m.252 views

CVE-2019-11340

CVE-2019-11340 stems from Matrix Sydent’s pre-1.0.2 email-domain registration checks, where Python’s email parsing edge-case allows an address like [email protected]@good.example.com to bypass restrictions because email.utils.parseaddr can return the wrong substring. The issue is tied to the e...

5.9CVSS6.3AI score0.01861EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2019/04/19 12:0 a.m.7 views

PT-2019-12248

Name of the Vulnerable Software and Affected Versions Matrix Sydent versions prior to 1.0.2 Description The issue arises from the handling of registration restrictions based on e-mail domain in util/emailutils.py. Specifically, when the allowed local 3pids option is enabled, it can lead to...

5.9CVSS6.7AI score0.01861EPSS
Exploits0References12
NVD
NVD
added 2012/10/06 9:55 p.m.19 views

CVE-2012-1623

The Registration Codes module before 6.x-2.4 for Drupal does not restrict access to the registration code list, which might allow remote attackers to bypass intended registration restrictions...

5CVSS7AI score0.01396EPSS
Exploits0References5
Rows per page
Query Builder