CVE-2024-40648 `UserIdentity::is_verified` not checking verification status of own user identity while performing the check in matrix-rust-sdk

matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. The UserIdentity::isverified method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's own identity while performing the check and may as a result retur...

GHSA-4QG4-CVH2-CRGG matrix-sdk-crypto's `UserIdentity::is_verified` not checking verification status of own user identity while performing the check

The UserIdentity::isverified method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's own identity while performing the check and may as a result return a value contrary to what is implied by its name and documentation. Impact If t...

matrix-sdk-crypto's `UserIdentity::is_verified` not checking verification status of own user identity while performing the check

The UserIdentity::isverified method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's own identity while performing the check and may as a result return a value contrary to what is implied by its name and documentation. Impact If t...

`UserIdentity::is_verified` not checking verification status of own user identity while performing the check

The UserIdentity::isverified method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's own identity while performing the check and may as a result return a value contrary to what is implied by its name and documentation. Impact If t...

SUSE CVE-2022-4133

We were unable to verify this vulnerbility...

pwnedOrNot v1.1.0 - Tool To Find Passwords For Compromised Email Accounts Using HaveIBeenPwned API

pwnedOrNot uses haveibeenpwned v2 api to test email accounts and tries to find the password in Pastebin Dumps. Features haveibeenpwned offers a lot of information about the compromised email, some useful information is displayed by this script: Name of Breach Domain Name Date of Breach Fabricatio...

Debian DSA-4222-1 : gnupg2 - security update

Marcus Brinkmann discovered that GnuPG performed insufficient sanitisation of file names displayed in status messages, which could be abused to fake the verification status of a signed email. Details can be found in the upstream advisory at...

[ASA-201806-8] gnupg: content spoofing

Arch Linux Security Advisory ASA-201806-8 ========================================= Severity: High Date : 2018-06-11 CVE-ID : CVE-2018-12020 Package : gnupg Type : content spoofing Remote : Yes Link : https://security.archlinux.org/AVG-713 Summary ======= The package gnupg before version 2.2.8-1 ...

[SECURITY] [DSA 4223-1] gnupg1 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4223-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 08, 2018 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4222-1] gnupg2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4222-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 08, 2018 https://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-4222-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...