Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2022/05/13 1:8 a.m.22 views

Matrix Synapse Predictable Secret Key

Matrix Synapse before 0.34.0.1, when the macaroonsecretkey authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users...

7.5CVSS7.1AI score0.02418EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2022/05/13 1:8 a.m.15 views

GHSA-JRQM-V8CV-53WW Matrix Synapse Predictable Secret Key

Matrix Synapse before 0.34.0.1, when the macaroonsecretkey authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users...

8.7CVSS7.5AI score0.02418EPSS
Exploits0References11
OSV
OSV
added 2019/03/21 4:1 p.m.2 views

DEBIAN-CVE-2019-5885

Matrix Synapse before 0.34.0.1, when the macaroonsecretkey authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users...

7.5CVSS7.1AI score0.02418EPSS
Exploits0References1
PyPA
PyPA
added 2019/03/21 4:1 p.m.5 views

PYSEC-2019-187

Matrix Synapse before 0.34.0.1, when the macaroonsecretkey authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users...

7.5CVSS7.1AI score0.02418EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2019/03/21 4:1 p.m.4 views

UBUNTU-CVE-2019-5885

Matrix Synapse before 0.34.0.1, when the macaroonsecretkey authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users...

7.5CVSS7.2AI score0.02418EPSS
Exploits0References4
Rows per page
Query Builder