github.com/matrix-org/dendrite

Go2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/matrix-org/dendritepage 1 of 1

CVE-2022-36009MEDIUMCVSS 5.0EG 5.0✓ Fixed in 0.9.3
2022-08-19
gomatrixserverlib is a Go library for matrix protocol federation. Dendrite is a Matrix homeserver written in Go, an alternative to Synapse. The power level parsing within gomatrixserverlib was failing to parse the `"events_default"` key of…
CVE-2022-39200HIGHCVSS 7.3EG 7.3✓ Fixed in 0.9.8
2022-09-12
Dendrite is a Matrix homeserver written in Go. In affected versions events retrieved from a remote homeserver using the `/get_missing_events` path did not have their signatures verified correctly. This could potentially allow a remote home…

Check whether github.com/matrix-org/dendrite is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/matrix-org/dendrite CVEs against the assets you own.

Start Free Scan →