Lucene search
GoogleOSV:GHSA-CPPW-2MF8-QPM5HistoryMay 24, 2022 - 10:01 p.m.
Improper Verification of Cryptographic Signature in matrix-synapse
2022-05-2422:01:05
Google
osv.dev
9
cryptographic signature
matrix synapse
federation apis
events
software
EPSS
0.002
Percentile
61.8%
Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /send_join, /send_leave, and /invite may not be correctly signed, or may not come from the expected servers.
Related
osv
osv
CVE-2019-18835
2019-11-08 00:15:10
PYSEC-2019-186
2019-11-08 00:15:00
matrix-synapse vulnerabilities
2023-05-16 07:45:08
debiancve
debiancve
CVE-2019-18835
2019-11-08 00:15:10
prion
prion
Code injection
2019-11-08 00:15:00
cvelist
cvelist
CVE-2019-18835
2019-11-07 23:12:07
github
github
Improper Verification of Cryptographic Signature in matrix-synapse
2022-05-24 22:01:05
ubuntucve
ubuntucve
CVE-2019-18835
2019-11-08 00:00:00
cve
cve
CVE-2019-18835
2019-11-08 00:15:10
nvd
nvd
CVE-2019-18835
2019-11-08 00:15:10
nessus
nessus
Ubuntu 18.04 ESM : Synapse vulnerabilities (USN-6076-1)
2023-05-16 00:00:00
ubuntu
ubuntu
Synapse vulnerabilities
2023-05-16 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6076-1)
2023-05-17 00:00:00