AVG-1296 log
Package | matrix-synapse |
Status | Fixed |
Severity | High |
Type | denial of service |
Affected | 1.19.1-1 |
Fixed | 1.20.1-1 |
Current | 1.117.0-1 [extra] |
Ticket | None |
Created | Mon Nov 23 18:47:20 2020 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2020-26890 | High | Yes | Denial of service | Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote... |
Date | Advisory | Package | Type |
---|---|---|---|
26 Nov 2020 | ASA-202011-23 | matrix-synapse | denial of service |