[Git][security-tracker-team/security-tracker][master] CVE-2022-31052 is for synapse
Andrej Shadura (@andrewsh)
andrewsh at debian.org
Tue Jun 28 18:11:10 BST 2022
Andrej Shadura pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ac6b7e3c by Andrej Shadura at 2022-06-28T19:10:37+02:00
CVE-2022-31052 is for synapse
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9413,8 +9413,10 @@ CVE-2022-31054 (Argo Events is an event-driven workflow automation framework for
NOT-FOR-US: Argo
CVE-2022-31053 (Biscuit is an authentication and authorization token for microservices ...)
NOT-FOR-US: Biscuit
-CVE-2022-31052
- RESERVED
+CVE-2022-31052 (URL previews of unusual or maliciously-crafted pages can crash Synapse ...)
+ - matrix-synapse 1.61.1-1
+ NOTE: https://github.com/matrix-org/synapse/security/advisories/GHSA-22p3-qrh9-cx32
+ NOTE: https://github.com/matrix-org/synapse/commit/fa1308061802ac7b7d20e954ba7372c5ac292333
CVE-2022-31051 (semantic-release is an open source npm package for automated version m ...)
NOT-FOR-US: Node semantic-release
CVE-2022-31050 (TYPO3 is an open source web content management system. Prior to versio ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac6b7e3c8852202a41255bcc85fbe4d1a18ca075
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac6b7e3c8852202a41255bcc85fbe4d1a18ca075
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220628/f178dbb0/attachment.htm>
More information about the debian-security-tracker-commits
mailing list