FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

dendrite -- Server-side request forgery vulnerability

Affected packages
dendrite < 0.14.1

Details

VuXML ID cd2ace09-df23-11ef-a205-901b0e9408dc
Discovery 2025-01-16
Entry 2025-01-30

Dendrite team reports:

This is a security release, gomatrixserverlib was vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions.

[source]

References

CVE Name CVE-2024-52594
URL https://github.com/matrix-org/gomatrixserverlib/security/advisories/GHSA-4ff6-858j-r822

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.