Go modules package
github.com/matrix-org/gomatrixserverlib
pkg:golang/github.com/matrix-org/gomatrixserverlib
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-52594 | Med | 4.3 | < 0.0.0-20250116181547-c4f1e01eab0d | 0.0.0-20250116181547-c4f1e01eab0d | Jan 16, 2025 | Gomatrixserverlib is a Go library for matrix federation. Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. The commit `c4f1e01` fixes this issue. Users are advised to upgrade. Users unab | |
| CVE-2022-36009 | — | < 0.0.0-20220815091947-723fd495dde8 | 0.0.0-20220815091947-723fd495dde8 | Aug 19, 2022 | gomatrixserverlib is a Go library for matrix protocol federation. Dendrite is a Matrix homeserver written in Go, an alternative to Synapse. The power level parsing within gomatrixserverlib was failing to parse the `"events_default"` key of the `m.room.power_levels` event, default |
- affected < 0.0.0-20250116181547-c4f1e01eab0dfixed 0.0.0-20250116181547-c4f1e01eab0d
Gomatrixserverlib is a Go library for matrix federation. Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. The commit `c4f1e01` fixes this issue. Users are advised to upgrade. Users unab
- CVE-2022-36009Aug 19, 2022affected < 0.0.0-20220815091947-723fd495dde8fixed 0.0.0-20220815091947-723fd495dde8
gomatrixserverlib is a Go library for matrix protocol federation. Dendrite is a Matrix homeserver written in Go, an alternative to Synapse. The power level parsing within gomatrixserverlib was failing to parse the `"events_default"` key of the `m.room.power_levels` event, default