CVE-2023-41318 – Unsafe media served inline on download endpoints in matrix-media-repo
https://notcve.org/view.php?id=CVE-2023-41318
matrix-media-repo is a highly customizable multi-domain media repository for the Matrix chat ecosystem. In affected versions an attacker could upload a malicious piece of media to the media repo, which would then be served with `Content-Disposition: inline` upon download. This vulnerability could be leveraged to execute scripts embedded in SVG content. Commits `77ec235` and `bf8abdd` fix the issue and are included in the 1.3.0 release. Operators should upgrade to v1.3.0 as soon as possible.
References:
https://developer.mozilla.org/en-US/docs/Web/SVG/Element/script
https://github.com/turt2live/matrix-media-repo/commit/77ec2354e8f46d5ef149d1dcaf25f51c04149137
https://github.com/turt2live/matrix-media-repo/commit/bf8abdd7a5371118e280c65a8e0ec2b2e9bdaf59
https://github.com/turt2live/matrix-media-repo/security/advisories/GHSA-5crw-6j7v-xc72
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
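The defensive pattern behind this class of bug is to decide the Content-Disposition from a safelist of content types that browsers can render without executing script, and to force everything else (SVG included) to `attachment`. The Go snippet below is an added illustration written for this page, not matrix-media-repo's own code or its actual fix; the safelist, the `dispositionFor` and `serveMedia` names and the sample inputs are assumptions.

```go
package main

import (
	"fmt"
	"mime"
	"net/http"
)

// inlineSafe is an illustrative (assumed) safelist of types a browser can
// render inline without running attacker-controlled script. image/svg+xml is
// deliberately absent: SVG may carry <script> elements, which is the vector
// described in CVE-2023-41318.
var inlineSafe = map[string]bool{
	"image/png":  true,
	"image/jpeg": true,
	"image/gif":  true,
	"image/webp": true,
	"text/plain": true,
	"video/mp4":  true,
	"audio/mpeg": true,
}

// dispositionFor builds the Content-Disposition value for a stored object.
// Anything outside the safelist, including unparsable or missing types, is
// forced to "attachment" so the browser saves it instead of rendering it in
// the media server's origin.
func dispositionFor(contentType, filename string) string {
	mediaType, _, err := mime.ParseMediaType(contentType) // lowercases the type
	if err != nil {
		mediaType = "application/octet-stream"
	}
	kind := "attachment"
	if inlineSafe[mediaType] {
		kind = "inline"
	}
	// FormatMediaType quotes the filename parameter when it contains
	// characters that would otherwise break the header.
	return mime.FormatMediaType(kind, map[string]string{"filename": filename})
}

// serveMedia applies the header pattern to an HTTP response for a
// constructed in-memory object.
func serveMedia(w http.ResponseWriter, contentType, filename string, body []byte) {
	w.Header().Set("Content-Type", contentType)
	w.Header().Set("Content-Disposition", dispositionFor(contentType, filename))
	w.Header().Set("X-Content-Type-Options", "nosniff") // no type sniffing
	_, _ = w.Write(body)
}

func main() {
	fmt.Println(dispositionFor("image/svg+xml", "logo.svg"))    // attachment; filename=logo.svg
	fmt.Println(dispositionFor("image/png; charset=x", "a.png")) // inline; filename=a.png
}
```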
CVE-2021-29453 – Denial of service through memory exhaustion
https://notcve.org/view.php?id=CVE-2021-29453
matrix-media-repo is an open-source multi-domain media repository for Matrix. Versions 1.2.6 and earlier of matrix-media-repo do not properly handle malicious images which are crafted to be small in file size but large in complexity. A malicious user could upload an image that is relatively small in file size, using particular image formats, but which expands to extremely large dimensions during thumbnailing. The server can be exhausted of memory while trying to load the whole image into memory for thumbnailing, leading to denial of service. Version 1.2.7 has a fix for the vulnerability.
References:
https://github.com/turt2live/matrix-media-repo/releases/tag/v1.2.7
https://github.com/turt2live/matrix-media-repo/security/advisories/GHSA-j889-h476-hh9h
https://hub.docker.com/r/turt2live/matrix-media-repo/tags?page=1&ordering=last_updated
CWE-400: Uncontrolled Resource Consumption
CWE-770: Allocation of Resources Without Limits or Throttling