23 matches found
CVE-2024-56515
Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. If SVG or JPEGXL thumbnailers are enabled they are disabled by default, a user may upload a file which claims to be either of these types and request a thumbnail to invoke a different decoder in...
CVE-2024-56515 Untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders in Matrix Media Repo
Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. If SVG or JPEGXL thumbnailers are enabled they are disabled by default, a user may upload a file which claims to be either of these types and request a thumbnail to invoke a different decoder in...
CVE-2024-56515 Untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders in Matrix Media Repo
Matrix Media Repo MMR is a highly configurable multi-homeserver media repository for Matrix. If SVG or JPEGXL thumbnailers are enabled they are disabled by default, a user may upload a file which claims to be either of these types and request a thumbnail to invoke a different decoder in...
CVE-2024-56515
CVE-2024-56515 affects Matrix Media Repo (MMR). The issue arises when enabling SVG/JPEGXL/MP4 thumbnailers may allow a crafted upload to trigger a decoder in ImageMagick or ffmpeg, potentially leading to code execution in some environments. MMR v1.3.8 fixes the problem by validating media mimetyp...
PT-2025-3302 · Unknown +2 · Matrix Media Repo +4
Name of the Vulnerable Software and Affected Versions: Matrix Media Repo versions prior to 1.3.8 Description: The issue arises when SVG or JPEGXL thumbnailers are enabled, allowing a user to upload a file that claims to be one of these types and request a thumbnail, potentially invoking a differe...
OPENSUSE-SU-2019:2038-1 Security update for flatpak
This update for flatpak fixes the following issues: Security issues fixed: - CVE-2019-8308: Fixed a potential sandbox escape via /proc bsc1125431. - CVE-2019-11460: Fixed a compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl bsc1133043...
UBUNTU-CVE-2019-11460
An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's...
Fedora Update for kdegraphics-thumbnailers FEDORA-2014-11448
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 20 Update: kdegraphics-thumbnailers-4.14.1-1.fc20
Thumbnailers for various graphic types...
Fedora Update for kdegraphics-thumbnailers FEDORA-2013-13499
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kdegraphics-thumbnailers FEDORA-2013-13112
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kdegraphics-thumbnailers FEDORA-2013-13499
Check for the Version of kdegraphics-thumbnailers OpenVAS Vulnerability Test Fedora Update for kdegraphics-thumbnailers FEDORA-2013-13499 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribu...
Fedora Update for kdegraphics-thumbnailers FEDORA-2013-13112
Check for the Version of kdegraphics-thumbnailers OpenVAS Vulnerability Test Fedora Update for kdegraphics-thumbnailers FEDORA-2013-13112 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribu...
Fedora Update for kdegraphics-thumbnailers FEDORA-2013-10182
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kdegraphics-thumbnailers FEDORA-2013-10182
Check for the Version of kdegraphics-thumbnailers OpenVAS Vulnerability Test Fedora Update for kdegraphics-thumbnailers FEDORA-2013-10182 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribu...
[SECURITY] Fedora 17 Update: kdegraphics-thumbnailers-4.10.4-1.fc17
Thumbnailers for various graphic types...
Fedora Update for kdegraphics-thumbnailers FEDORA-2013-10130
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for kdegraphics-thumbnailers FEDORA-2013-10130
Check for the Version of kdegraphics-thumbnailers OpenVAS Vulnerability Test Fedora Update for kdegraphics-thumbnailers FEDORA-2013-10130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribu...
[SECURITY] Fedora 18 Update: kdegraphics-thumbnailers-4.10.4-1.fc18
Thumbnailers for various graphic types...
[SECURITY] Fedora 19 Update: kdegraphics-thumbnailers-4.10.4-1.fc19
Thumbnailers for various graphic types...