漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Synapse vulnerable to federation denial of service via malformed events
Vulnerability Description
Synapse is an open source Matrix homeserver implementation. A malicious server can craft events which, when received, prevent Synapse version up to 1.127.0 from federating with other servers. The vulnerability has been exploited in the wild and has been fixed in Synapse v1.127.1. No known workarounds are available.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
Element Synapse 输入验证错误漏洞
Vulnerability Description
Element Synapse是Element开源的一个开源 Matrix 家庭服务器实现。 Element Synapse 1.127.0及之前版本存在输入验证错误漏洞,该漏洞源于恶意服务器可阻止与其他服务器联合。
CVSS Information
N/A
Vulnerability Type
N/A