AVG-846 log
Package | matrix-synapse |
Status | Fixed |
Severity | High |
Type | private key recovery |
Affected | 0.34.0-1 |
Fixed | 0.34.1.1-1 |
Current |
1.121.1-2 [extra-testing] 1.120.2-1 [extra] |
Ticket | None |
Created | Thu Jan 10 18:55:11 2019 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2019-5885 | High | No | Private key recovery | matrix-synapse before 0.34.1 is vulnerable to private key recovery as synapse will attempt to derive a secret key from other secrets specified in the... |
Date | Advisory | Package | Type |
---|---|---|---|
24 Jan 2019 | ASA-201901-12 | matrix-synapse | private key recovery |