This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
| VuXML ID | Description |
|---|---|
| 2327234d-fc4b-11ea-adef-641c67a117d8 | py-matrix-synapse -- malformed events may prevent users from joining federated roomsProblem Description:Affected Synapse versions assume that all events have an "origin" field set. If an event without the "origin" field is sent into a federated room, servers not already joined to the room will be unable to do so due to failing to fetch the malformed event. Impact:An attacker could cause a denial of service by deliberately sending a malformed event into a room, thus preventing new servers (and thus their users) from joining the room. Discovery 2020-09-16 Entry 2020-09-21 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse < 1.19.2 https://github.com/matrix-org/synapse/issues/8319 https://github.com/matrix-org/synapse/pull/8324 https://github.com/matrix-org/synapse/blob/v1.19.3/CHANGES.md |