Vulnerability Report: GO-2025-3400

CVE-2024-56515, GHSA-rcxc-wjgw-579r
Affects: github.com/t2bot/matrix-media-repo
Published: Jan 16, 2025
Unreviewed

Matrix Media Repo (MMR) allows untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders in github.com/t2bot/matrix-media-repo

For detailed information about this vulnerability, visit https://github.com/t2bot/matrix-media-repo/security/advisories/GHSA-rcxc-wjgw-579r.

Affected Modules

Path

Go Versions
github.com/t2bot/matrix-media-repo

before v1.3.8

Aliases

CVE-2024-56515
GHSA-rcxc-wjgw-579r

References

https://github.com/t2bot/matrix-media-repo/security/advisories/GHSA-rcxc-wjgw-579r
https://github.com/t2bot/matrix-media-repo/releases/tag/v1.3.8
https://vuln.go.dev/ID/GO-2025-3400.json

Feedback

This report is unreviewed. It was automatically generated from a third-party source and its details have not been verified by the Go team.

See anything missing or incorrect? Suggest an edit to this report.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL