Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Advisories
Loading...
High
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: 5 months ago
GSA_kwCzR0hTQS1qaGpoLTc3Nm0tNDc2Nc4AAujv
Denial of service due to incorrect application of event authorization rulesEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: 5 months ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: 7 months ago
GSA_kwCzR0hTQS0yMnAzLXFyaDktY3gzMs4AAtBv
URL previews of unusual or maliciously-crafted pages can crash Synapse media repositories or Synapse monolithsEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: 7 months ago
High
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS1jcHB3LTJtZjgtcXBtNc4AAq-J
Improper Verification of Cryptographic Signature in matrix-synapseEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: 9 months ago
High
Ecosystems: pypi
Packages: matrix-synapse, matrix-sydent
Source: GitHub Advisory Database
Published: 9 months ago
GSA_kwCzR0hTQS1nd2Y3LXZmamYtd2Y2eM4AAgqX
matrix-sydent and matrix-synapse Use Cryptographically Weak PRNGEcosystems: pypi
Packages: matrix-synapse, matrix-sydent
Source: GitHub Advisory Database
Published: 9 months ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: 10 months ago
GSA_kwCzR0hTQS00ODIyLWp2d3gtdzQ3aM03pA
Uncontrolled Resource Consumption in Matrix SynapseEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: 10 months ago
High
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: about 1 year ago
GSA_kwCzR0hTQS0zaGZ3LXg3Z3gtNDM3Y80X4Q
Path traversal in Matrix SynapseEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: over 1 year ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpqNTMtOGZtdy1mMncy
Adding a private/unlisted room to a community exposes room metadata in an unauthorised manner.Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: over 1 year ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN4NGMtcHEzMy00dzNx
Improper authorisation of members discloses room membership to non-membersEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: over 1 year ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdoNXYtODV3OS1wcTZj
Denial of service (via resource exhaustion) due to improper input validation in third-party identifier endpointEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: over 1 year ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgzNDUtMzJyYy04aDg1
Denial of service attack via push rule patterns in matrix-synapseEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: over 1 year ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3cmgtNGp3di01dzc4
Open redirect via transitional IPv6 addresses on dual-stack networksEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5ZmcteGZmaC1wMzYy
Denial of service (via resource exhaustion) due to improper input validation on third-party identifier endpointsEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpyaDctbWhoeC02aDg4
Denial of service (via resource exhaustion) due to improper input validation on groups/communities endpointsEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1ZjgtMzVxci1xNGZt
HTML injection in email and account expiry notificationsEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI0NnctNTZtMi01ODk5
Cross-site scripting (XSS) vulnerability in the password reset endpointEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJod3gtbWpybS12M2c4
Denial of service attack via .well-known lookupsEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
Low
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY5MzYtajhncC05cTNw
Open redirects on some federation and push requestsEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: almost 2 years ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4bXAtcHFjaC1jOG1t
Denial of service attack via incorrect parameters in Matrix SynapseEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: about 2 years ago
High
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtcDMtMzg1ci12NjNm
Denial of service attack due to invalid JSONEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: about 2 years ago
Moderate
Ecosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN4OGMtZm1wYy01cm1x
Cross-site scripting (XSS) vulnerability in the fallback authentication endpointEcosystems: pypi
Packages: matrix-synapse
Source: GitHub Advisory Database
Published: over 2 years ago
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
403
tensorflow-gpu
366
tensorflow-cpu
366
apache-airflow
43
ansible
42
django
42
rdiffweb
40
Pillow
39
opencv-contrib-python
30
opencv-python
30
matrix-synapse
20
Plone
20
apache-superset
20
notebook
13
pyftpdlib
13
onionshare-cli
11
Django
11
twisted
10
vyper
10
calibreweb
9
waitress
9
opencv-python-headless
9
OctoPrint
8
pyload-ng
8
opencv-contrib-python-headless
8
urllib3
7
pillow
7
pysaml2
7
numpy
7
tensorflow-lite
7
Flask-AppBuilder
6
lief
6
ipython
6
inventree
6
python-gnupg
6
cobbler
6
wagtail
6
Zope2
6
Zope
5
bleach
5
matrix-sydent
5
salt
5
modoboa
5
tuf
5
pip
5
feedparser
5
lxml
5
cryptography
5
awsiotsdk
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
qutebrowser
4
scrapy
4
aws-iot-device-sdk-v2
4
nvflare
4
Flask-Security-Too
4
gerapy
4
graphite-web
4
markdown2
4
nltk
4
FreeTAKServer-UI
4
jupyter-server
4
plone.app.event
3
bitlyshortener
3
plone.app.theming
3
plone.app.dexterity
3
plone.supermodel
3
indy-node
3
ujson
3
omero-web
3
Pygments
3
Products.PluggableAuthService
3
ansible-runner
3
jupyterhub
3
fava
3
pyspark
3
requests
3
Jinja2
3
bottle
3
paramiko
3
werkzeug
3
oauthenticator
3
poetry
3
quokka
3
pyyaml
3
httpie
3
mistune
3
mitmproxy
3
Weblate
3
django-helpdesk
3
ecdsa
3
datasette
3
protobuf
3
aubio
3
moin
3
mayan-edms
3
ubi-reader
2
google/protobuf
2
typed-ast
2
github.com/protocolbuffers/protobuf
2
com.google.protobuf:protobuf-parent
2
Google.Protobuf
2
aioxmpp
2
aiohttp-session
2
SQLAlchemy
2
dompurify
2
simiki
2
parlai
2
pycrypto
2
bikeshed
2
openzeppelin-cairo-contracts
2
mako
2
plone
2
webargs
2
keystone
2
sickrage
2
py
2
aiohttp
2
rsa
2
httplib2
2
openapi-python-client
2
rpyc
2
sanic
2
wagtail-2fa
2
flask
2
ckan
2
keyring
2
petl
2
aws-encryption-sdk-cli
2
indico
2
Twisted
2
apache-iotdb
2
distributed
2
pyjwt
2
reportlab
2
html5lib
2
autobahn
2
flower
2
djangorestframework
2
untangle
2
org.apache.spark:spark-core
2
python-cjson
2
Red-DiscordBot
2
red-arrow
2
pyarrow
2
uvicorn
2
logilab-common
2
pyopenssl
2
django-sendfile2
2
websockets
2
python-ldap
2
safeurl-python
2
tryton
2
superset
2
pywasm3
2
tflite
2
paddlepaddle
2
ctx
2
guarddog
2
pgadmin4
2
roundup
2
pytorch-lightning
2
starkbank-ecdsa
2
saleor
2
python-keystoneclient
2
binwalk
2
tlslite-ng
2
FreeTAKServer
2
archivy
2
scout-browser
2
proteus
2
trytond
2
django-anymail
2
python-libnmap
2
localstack
2
gradio
2
Products.CMFPlone
2
nova
2
mailman
2
django-unicorn
2
aws-encryption-sdk
2
shuup
2
django-mfa3
1
flask-session-captcha
1
url_regex
1
xmpp-http-upload
1
blazar-dashboard
1
aleksis-core
1
ihatemoney
1
ipa
1
amundsen-frontend
1
datasette-graphql
1
py-mini-racer
1
red-dashboard
1
validators
1
Werkzeug
1
botframework-connector
1
tenable-jira-cloud
1
PyYAML
1
django-rest-registration
1
alerta-server
1
jupyter_server
1
jinja2
1
guake
1
django-photologue
1
plone.app.users
1
gunicorn
1
django-registration
1
io.github.talelin:lin-cms-core
1
Lin-CMS
1
invenio-records
1
papermerge
1
sopel-modules.weather
1
invenio-communities
1
Flask-Caching
1
asyncpg
1
supervisor
1
svglib
1
jw.util
1
contentful
1
Flask-User
1
api-res-py
1
mysql-connector-python
1
jupyter-notebook
1
xml2rfc
1
openssh-key-parser
1
swift
1
fastapi
1
Products.PasswordResetTool
1
modulemd
1
mpmath
1
python-fedora
1
exotel
1
Kotti
1
cinder
1
glance
1
PyInstaller
1
barbican
1
oslo-utils
1
onnx
1
Flask-Unchained
1
XML2Dict
1
pywin32
1
django-celery-results
1
Glances
1
future
1
django-termsandconditions
1
ladon
1
libtaxii
1
omero-figure
1
pipenv
1
mitogen
1
dnslib
1
django-cms
1
recommender-xblock
1
collective.task
1
SentineloneSDK
1
pywb
1
django-widgy
1
django-crm
1
pulsar-client
1
mat2
1
cvxopt
1
sqlite-web
1
CoAPthon
1
nbdime
1
celery
1
sqla-yaml-fixtures
1
conference-scheduler-cli
1
topydo
1
tripleo-heat-templates
1
ipycache
1
AccessControl
1
sqlparse
1
pypiserver
1
GitPython
1
pikepdf
1
pydantic
1
Scrapy
1
django-nopassword
1
cryptoauthlib
1
com.amazonaws:aws-encryption-sdk-java
1
fastecdsa
1
mkdocs
1
pybluemonday
1
github.com/microcosm-cc/bluemonday
1
rucio-webui
1
babel
1
django-two-factor-auth
1
org.apache.iotdb:iotdb-server
1
com.starkbank:ecdsa-java
1
starkbank-ecdsa
1
starkbank-ecdsa
1
mlflow
1
Shinken
1
wiki
1
apprise
1
APKLeaks
1
django-basic-auth-ip-whitelist
1
nbdime
1
yamale
1