4 matches found
Insecure Inherited Permissions
Overview Affected versions of this package are vulnerable to Insecure Inherited Permissions in the LookupResources API. An attacker can cause incomplete or missing results to be returned by crafting schemas that define permissions using unions referencing the same relation with different...
Linux Distros Unpatched Vulnerability : CVE-2021-41281
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be...
SUSE CVE-2021-41281
Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...
DEBIAN-CVE-2021-41281
Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. T...