All 7 CVE vulnerabilities found in matrix-media-repo, with AI-generated Chinese analysis, references, and POCs.
Vendor: turt2live
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-36402 | Unauthenticated writes to the media repository allow planting of problematic content in Matrix Media Repo CWE-287 | 5.3 | Medium | 2025-01-16 |
| CVE-2024-36403 | Denial of service/high operating costs through unauthenticated downloads in Matrix Media Repo CWE-770 | 5.3 | Medium | 2025-01-16 |
| CVE-2024-52602 | Server-Side Request Forgery (SSRF) on redirects and federation in Matrix Media Repo CWE-918 | 5.0 | Medium | 2025-01-16 |
| CVE-2024-52791 | Denial of service through memory exhaustion in Matrix Media Repo CWE-789 | 5.3 | Medium | 2025-01-16 |
| CVE-2024-56515 | Untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders in Matrix Media Repo CWE-502 | 6.8 | Medium | 2025-01-16 |
| CVE-2023-41318 | Unsafe media served inline on download endpoints in matrix-media-repo CWE-79 | 4.1 | Medium | 2023-09-08 |
| CVE-2021-29453 | Denial of service through memory exhaustion CWE-400 | 5.7 | Medium | 2021-04-19 |
All 7 known CVE vulnerabilities affecting matrix-media-repo with full Chinese analysis, references, and POCs where available.