This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
cfa0be42-3cd7-11eb-9de7-641c67a117d8 | py-matrix-synapse -- DoS on Federation API Matrix developers reports:
Discovery 2020-12-09 Entry 2020-12-13 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse py39-matrix-synapse < 1.23.1 CVE-2020-26257 https://github.com/matrix-org/synapse/security/advisories/GHSA-hxmp-pqch-c8mm ports/251768 |
1afe9552-5ee3-11ea-9b6d-901b0e934d69 | py-matrix-synapse -- users of single-sign-on are vulnerable to phishing Matrix developers report:
Discovery 2020-03-03 Entry 2020-03-11 py35-matrix-synapse py36-matrix-synapse py37-matrix-synapse < 1.11.1 https://github.com/matrix-org/synapse/releases/tag/v1.11.1 |
07c0d782-f758-11ec-acaa-901b0e9408dc | py-matrix-synapse -- unbounded recursion in urlpreview Matrix developers report:
Discovery 2022-06-28 Entry 2022-06-29 py37-matrix-synapse py38-matrix-synapse py39-matrix-synapse py310-matrix-synapse py311-matrix-synapse < 1.61.1 CVE-2022-31052 https://matrix.org/blog/2022/06/28/security-release-synapse-1-61-1 |
2327234d-fc4b-11ea-adef-641c67a117d8 | py-matrix-synapse -- malformed events may prevent users from joining federated roomsProblem Description:Affected Synapse versions assume that all events have an "origin" field set. If an event without the "origin" field is sent into a federated room, servers not already joined to the room will be unable to do so due to failing to fetch the malformed event. Impact:An attacker could cause a denial of service by deliberately sending a malformed event into a room, thus preventing new servers (and thus their users) from joining the room. Discovery 2020-09-16 Entry 2020-09-21 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse < 1.19.2 https://github.com/matrix-org/synapse/issues/8319 https://github.com/matrix-org/synapse/pull/8324 https://github.com/matrix-org/synapse/blob/v1.19.3/CHANGES.md |
d9f686f3-fde0-48dc-ab0a-01c2fe3e0529 | py-matrix-synapse -- multiple vulnerabilities Matrix developers report:
Discovery 2020-07-02 Entry 2020-07-03 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse < 1.15.2 https://github.com/matrix-org/synapse/releases/tag/v1.15.2 |
a67e358c-0bf6-11ec-875e-901b0e9408dc | py-matrix-synapse -- several vulnerabilities Matrix developers report:
Discovery 2021-08-31 Entry 2021-09-02 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse py39-matrix-synapse py310-matrix-synapse < 1.41.1 ports/258187 CVE-2021-39164 CVE-2021-39163 https://matrix.org/blog/2021/08/31/synapse-1-41-1-released |
27aa2253-4c72-11ec-b6b9-e86a64caca56 | py-matrix-synapse -- several vulnerabilities Matrix developers report:
Discovery 2021-11-18 Entry 2021-11-23 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse py39-matrix-synapse py310-matrix-synapse < 1.47.1 ports/259994 CVE-2021-41281 https://matrix.org/blog/2021/11/23/synapse-1-47-1-released |
5f39d80f-107c-11eb-8b47-641c67a117d8 | py-matrix-synapse -- XSS vulnerability Matrix developers reports:
Discovery 2020-10-01 Entry 2020-10-17 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse py39-matrix-synapse < 1.21.0 CVE-2020-26891 https://github.com/matrix-org/synapse/security/advisories/GHSA-3x8c-fmpc-5rmq https://github.com/matrix-org/synapse/releases/tag/v1.21.2 ports/249948 |
278561d7-b261-11eb-b788-901b0e934d69 | py-matrix-synapse -- malicious push rules may be used for a denial of service attack. Matrix developers report:
Discovery 2021-05-11 Entry 2021-05-11 py36-matrix-synapse py37-matrix-synapse py38-matrix-synapse py39-matrix-synapse < 1.33.2 CVE-2021-29471 https://github.com/matrix-org/synapse/security/advisories/GHSA-x345-32rc-8h85 |