This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
1afe9552-5ee3-11ea-9b6d-901b0e934d69 | py-matrix-synapse -- users of single-sign-on are vulnerable to phishing Matrix developers report:
Discovery 2020-03-03 Entry 2020-03-11 py35-matrix-synapse py36-matrix-synapse py37-matrix-synapse < 1.11.1 https://github.com/matrix-org/synapse/releases/tag/v1.11.1 |
383931ba-1818-11e9-92ea-448a5b29e8a9 | py-matrix-synapse -- undisclosed vulnerability Matrix developers report:
Discovery 2019-01-10 Entry 2019-01-15 py27-matrix-synapse py35-matrix-synapse py36-matrix-synapse py37-matrix-synapse < 0.34.1.1 CVE-2019-5885 https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1/ |
ed8cbad5-21a8-11ea-9b6d-901b0e934d69 | py-matrix-synapse -- multiple vulnerabilities Matrix developers report:
Discovery 2019-12-18 Entry 2019-12-18 py35-matrix-synapse py36-matrix-synapse py37-matrix-synapse < 1.7.1 https://github.com/matrix-org/synapse/releases/tag/v1.7.1 |
d9f686f3-fde0-48dc-ab0a-01c2fe3e0529 | py-matrix-synapse -- multiple vulnerabilities Matrix developers report:
Discovery 2020-07-02 Entry 2020-07-03 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse < 1.15.2 https://github.com/matrix-org/synapse/releases/tag/v1.15.2 |
2327234d-fc4b-11ea-adef-641c67a117d8 | py-matrix-synapse -- malformed events may prevent users from joining federated roomsProblem Description:Affected Synapse versions assume that all events have an "origin" field set. If an event without the "origin" field is sent into a federated room, servers not already joined to the room will be unable to do so due to failing to fetch the malformed event. Impact:An attacker could cause a denial of service by deliberately sending a malformed event into a room, thus preventing new servers (and thus their users) from joining the room. Discovery 2020-09-16 Entry 2020-09-21 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse < 1.19.2 https://github.com/matrix-org/synapse/issues/8319 https://github.com/matrix-org/synapse/pull/8324 https://github.com/matrix-org/synapse/blob/v1.19.3/CHANGES.md |
cfa0be42-3cd7-11eb-9de7-641c67a117d8 | py-matrix-synapse -- DoS on Federation API Matrix developers reports:
Discovery 2020-12-09 Entry 2020-12-13 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse py39-matrix-synapse < 1.23.1 CVE-2020-26257 https://github.com/matrix-org/synapse/security/advisories/GHSA-hxmp-pqch-c8mm ports/251768 |
42675046-fa70-11e9-ba4e-901b0e934d69 | py-matrix-synapse -- missing signature checks on some federation APIs Matrix developers report:
Discovery 2019-10-29 Entry 2019-10-29 py35-matrix-synapse py36-matrix-synapse py37-matrix-synapse < 1.5.0 https://github.com/matrix-org/synapse/pull/6262 https://github.com/matrix-org/synapse/releases/tag/v1.5.0 |
38d2df4d-b143-11e9-87e7-901b0e934d69 | py-matrix-synapse -- multiple vulnerabilities Matrix developers report:
Discovery 2019-07-26 Entry 2019-07-28 py27-matrix-synapse py35-matrix-synapse py36-matrix-synapse py37-matrix-synapse < 1.2.1 https://matrix.org/blog/2019/07/26/critical-security-update-synapse-1-2-1-released https://github.com/matrix-org/synapse/releases/tag/v1.2.1 |
278561d7-b261-11eb-b788-901b0e934d69 | py-matrix-synapse -- malicious push rules may be used for a denial of service attack. Matrix developers report:
Discovery 2021-05-11 Entry 2021-05-11 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse py39-matrix-synapse < 1.33.2 CVE-2021-29471 https://github.com/matrix-org/synapse/security/advisories/GHSA-x345-32rc-8h85 |
27aa2253-4c72-11ec-b6b9-e86a64caca56 | py-matrix-synapse -- several vulnerabilities Matrix developers report:
Discovery 2021-11-18 Entry 2021-11-23 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse py39-matrix-synapse py310-matrix-synapse < 1.47.1 ports/259994 CVE-2021-41281 https://matrix.org/blog/2021/11/23/synapse-1-47-1-released |
a67e358c-0bf6-11ec-875e-901b0e9408dc | py-matrix-synapse -- several vulnerabilities Matrix developers report:
Discovery 2021-08-31 Entry 2021-09-02 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse py39-matrix-synapse py310-matrix-synapse < 1.41.1 ports/258187 CVE-2021-39164 CVE-2021-39163 https://matrix.org/blog/2021/08/31/synapse-1-41-1-released |
9c36d41c-11df-11ea-9b6d-901b0e934d69 | py-matrix-synapse -- incomplete cleanup of 3rd-party-IDs on user deactivation Matrix developers report:
Discovery 2019-11-28 Entry 2019-11-28 py35-matrix-synapse py36-matrix-synapse py37-matrix-synapse < 1.6.1 https://github.com/matrix-org/synapse/releases/tag/v1.6.1 https://github.com/matrix-org/synapse/pull/6426 |
5f39d80f-107c-11eb-8b47-641c67a117d8 | py-matrix-synapse -- XSS vulnerability Matrix developers reports:
Discovery 2020-10-01 Entry 2020-10-17 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse py39-matrix-synapse < 1.21.0 CVE-2020-26891 https://github.com/matrix-org/synapse/security/advisories/GHSA-3x8c-fmpc-5rmq https://github.com/matrix-org/synapse/releases/tag/v1.21.2 ports/249948 |