matrix-synapse

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Matrix reference homeserver
Version 0.99.5-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-846 0.34.0-1 0.34.1.1-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2019-5885 AVG-846 High No Private key recovery
matrix-synapse before 0.34.1 is vulnerable to private key recovery as synapse will attempt to derive a secret key from other secrets specified in the...

Advisories

Date Advisory Group Severity Description
24 Jan 2019 ASA-201901-12 AVG-846 High private key recovery