4 matches found
DEBIAN-CVE-2023-32683
Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. A discovered oEmbed or image URL can bypass the urlpreviewurlblacklist setting potentially allowing server side request forgery or bypassing network policies. Impact is limited to IP addresses allowed by the...
UBUNTU-CVE-2023-32683
Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. A discovered oEmbed or image URL can bypass the urlpreviewurlblacklist setting potentially allowing server side request forgery or bypassing network policies. Impact is limited to IP addresses allowed by the...
Matrix Synapse 代码问题漏洞
Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the UK. A code issue vulnerability exists in Matrix Synapse versions prior to 1.85.0 that stems from the urlpreviewurlblacklist setting that can be bypassed via oEmbed or URL...
PT-2023-23958 · Synapse +2 · Synapse +2
Name of the Vulnerable Software and Affected Versions: Synapse versions prior to 1.85.0 Description: A discovered oEmbed or image URL can bypass the url preview url blacklist setting, potentially allowing server-side request forgery or bypassing network policies. The impact is limited to IP...