VYPR

Go modules package

github.com/matrix-org/gomatrixserverlib

pkg:golang/github.com/matrix-org/gomatrixserverlib

Vulnerabilities (2)

  • CVE-2024-52594MedJan 16, 2025
    affected < 0.0.0-20250116181547-c4f1e01eab0dfixed 0.0.0-20250116181547-c4f1e01eab0d

    Gomatrixserverlib is a Go library for matrix federation. Gomatrixserverlib is vulnerable to server-side request forgery, serving content from a private network it can access, under certain conditions. The commit `c4f1e01` fixes this issue. Users are advised to upgrade. Users unab

  • CVE-2022-36009Aug 19, 2022
    affected < 0.0.0-20220815091947-723fd495dde8fixed 0.0.0-20220815091947-723fd495dde8

    gomatrixserverlib is a Go library for matrix protocol federation. Dendrite is a Matrix homeserver written in Go, an alternative to Synapse. The power level parsing within gomatrixserverlib was failing to parse the `"events_default"` key of the `m.room.power_levels` event, default