mirror of
https://git.anonymousland.org/anonymousland/synapse-product.git
synced 2024-12-17 16:24:21 -05:00
Add CVE number
This commit is contained in:
parent
9c21a68995
commit
8fa83999d6
@ -10,7 +10,7 @@ Security advisory
|
||||
|
||||
The following issue is fixed in 1.47.1.
|
||||
|
||||
- **[GHSA-3hfw-x7gx-437c](https://github.com/matrix-org/synapse/security/advisories/GHSA-3hfw-x7gx-437c) / [CVE-2021-?????](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-?????): Path traversal when downloading remote media.**
|
||||
- **[GHSA-3hfw-x7gx-437c](https://github.com/matrix-org/synapse/security/advisories/GHSA-3hfw-x7gx-437c) / [CVE-2021-41281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41281): Path traversal when downloading remote media.**
|
||||
|
||||
Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory, potentially outside the media store directory.
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user