| Overview : |
| Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. |
| Affected Product(s) : |
|
| Vulnerability Details : |
||||
Solution : Update to Matrix Synapse 1.5.0 |
Menu 
- Products
- Solution
- About
Matrix Synapse APIs prone to attack
- Rajaneesh
- November 8, 2019
- 5:16 am
- Rajaneesh
- November 8, 2019
- 5:16 am
Common Vulnerabilityies and Exposures
HejHome GKW-IC052 hard-coded credentials [CVE-2021-26611]
A vulnerability, which was classified as critical, has been found in HejHome GKW-IC052 (affected version not known). Affected by this issue is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
BaserCMS ZIP File path traversal [CVE-2021-41279]
A vulnerability, which was classified as critical, was found in BaserCMS (Content Management System) (the affected version unknown). This affects an unknown code of the component ZIP File Handler. Upgrading eliminates this vulnerability. Applying the patch d8ab0a81a7bce35cc95ff7dff851a7e87a084336 is able to eliminate this problem. The bugfix is ready for download at […]
Bandisoft ARK Library Ark_NormalizeAndDupPAthNameW path value integer overflow
A vulnerability has been found in Bandisoft ARK Library (Software Library) (the affected version is unknown) and classified as critical. This vulnerability affects the function Ark_NormalizeAndDupPAthNameW. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
-