github.com/t2bot/matrix-media-repo

Go3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/t2bot/matrix-media-repopage 1 of 1

CVE-2024-52602MEDIUMCVSS 5.0EG 5.0✓ Fixed in 1.3.8
2025-01-16
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. Matrix Media Repo (MMR) is vulnerable to server-side request forgery, serving content from a private network it can access, under certain condit…
CVE-2024-52791MEDIUMCVSS 5.3EG 5.3✓ Fixed in 1.3.8
2025-01-16
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. MMR makes requests to other servers as part of normal operation, and these resource owners can return large amounts of JSON back to MMR for pars…
CVE-2024-56515MEDIUMCVSS 6.8EG 6.8✓ Fixed in 1.3.8
2025-01-16
Matrix Media Repo (MMR) is a highly configurable multi-homeserver media repository for Matrix. If SVG or JPEGXL thumbnailers are enabled (they are disabled by default), a user may upload a file which claims to be either of these types and …

Check whether github.com/t2bot/matrix-media-repo is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/t2bot/matrix-media-repo CVEs against the assets you own.

Start Free Scan →