FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-30 04:04:33 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
bdfa6c04-027a-11ef-9c21-901b0e9408dc	py-matrix-synapse -- weakness in auth chain indexing allows DoS Matrix developers report: Weakness in auth chain indexing allows DoS from remote room members through disk fill and high CPU usage. (High severity) Discovery 2024-04-23 Entry 2024-04-24 py38-matrix-synapse py39-matrix-synapse py310-matrix-synapse py311-matrix-synapse < 1.105.1 CVE-2024-31208 https://element.io/blog/security-release-synapse-1-105-1/ https://github.com/element-hq/synapse/security/advisories/GHSA-3h7q-rfh9-xm4v
71f3e9f0-bafc-11ef-885d-901b0e934d69	py-matrix-synapse -- multiple vulnerabilities in versions prior to 1.120.1 element-hq/synapse developers report: [The 1.120.1] release fixes multiple security vulnerabilities, some affecting all prior versions of Synapse. Server administrators are encouraged to update Synapse as soon as possible. We are not aware of these vulnerabilities being exploited in the wild. Administrators who are unable to update Synapse may use the workarounds described in the linked GitHub Security Advisory below. Discovery 2024-12-03 Entry 2024-12-15 py38-matrix-synapse py39-matrix-synapse py310-matrix-synapse py311-matrix-synapse < 1.120.1 CVE-2024-52805 https://github.com/element-hq/synapse/security/advisories/GHSA-rfq8-j7rh-8hf2 CVE-2024-52815 https://github.com/element-hq/synapse/security/advisories/GHSA-f3r3-h2mq-hx2h CVE-2024-53863 https://github.com/element-hq/synapse/security/advisories/GHSA-vp6v-whfm-rv3g CVE-2024-53867 https://github.com/element-hq/synapse/security/advisories/GHSA-56w4-5538-8v8h CVE-2024-37302 https://github.com/element-hq/synapse/security/advisories/GHSA-4mhg-xv73-xq2x CVE-2024-37303 https://github.com/element-hq/synapse/security/advisories/GHSA-gjgr-7834-rhxr

VuXML ID

Description

bdfa6c04-027a-11ef-9c21-901b0e9408dc

py-matrix-synapse -- weakness in auth chain indexing allows DoS

Matrix developers report:

Weakness in auth chain indexing allows DoS from remote room members through disk fill and high CPU usage. (High severity)

Discovery 2024-04-23
Entry 2024-04-24
py38-matrix-synapse
py39-matrix-synapse
py310-matrix-synapse
py311-matrix-synapse

< 1.105.1

CVE-2024-31208
https://element.io/blog/security-release-synapse-1-105-1/
https://github.com/element-hq/synapse/security/advisories/GHSA-3h7q-rfh9-xm4v

71f3e9f0-bafc-11ef-885d-901b0e934d69

py-matrix-synapse -- multiple vulnerabilities in versions prior to 1.120.1

element-hq/synapse developers report:

[The 1.120.1] release fixes multiple security vulnerabilities, some affecting all prior versions of Synapse. Server administrators are encouraged to update Synapse as soon as possible. We are not aware of these vulnerabilities being exploited in the wild.

Administrators who are unable to update Synapse may use the workarounds described in the linked GitHub Security Advisory below.

Discovery 2024-12-03
Entry 2024-12-15
py38-matrix-synapse
py39-matrix-synapse
py310-matrix-synapse
py311-matrix-synapse

< 1.120.1

CVE-2024-52805
https://github.com/element-hq/synapse/security/advisories/GHSA-rfq8-j7rh-8hf2
CVE-2024-52815
https://github.com/element-hq/synapse/security/advisories/GHSA-f3r3-h2mq-hx2h
CVE-2024-53863
https://github.com/element-hq/synapse/security/advisories/GHSA-vp6v-whfm-rv3g
CVE-2024-53867
https://github.com/element-hq/synapse/security/advisories/GHSA-56w4-5538-8v8h
CVE-2024-37302
https://github.com/element-hq/synapse/security/advisories/GHSA-4mhg-xv73-xq2x
CVE-2024-37303
https://github.com/element-hq/synapse/security/advisories/GHSA-gjgr-7834-rhxr