AVG-1296 log
| Package | matrix-synapse |
| Status | Fixed |
| Severity | High |
| Type | denial of service |
| Affected | 1.19.1-1 |
| Fixed | 1.20.1-1 |
| Current | 1.117.0-1 [extra] |
| Ticket | None |
| Created | Mon Nov 23 18:47:20 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-26890 | High | Yes | Denial of service | Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 26 Nov 2020 | ASA-202011-23 | matrix-synapse | denial of service |