Search CVE reports
41 – 42 of 42 results
Some fixes available 1 of 9
The on_get_missing_events function in handlers/federation.py in Matrix Synapse before 0.31.1 has a security bug in the get_missing_events federation API where event visibility rules were not applied correctly.
1 affected package
matrix-synapse
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| matrix-synapse | Not affected | Not affected | Not affected | Fixed |
Some fixes available 11 of 12
Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federation_base.py and handlers/message.py, as exploited in the...
1 affected package
matrix-synapse
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| matrix-synapse | — | Fixed | Fixed | Fixed |