GHSA-r6jg-jfv6-2fjv

Source
https://github.com/advisories/GHSA-r6jg-jfv6-2fjv
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/01/GHSA-r6jg-jfv6-2fjv/GHSA-r6jg-jfv6-2fjv.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-r6jg-jfv6-2fjv
Aliases
Published
2025-01-16T19:35:02Z
Modified
2025-01-17T15:42:18Z
Severity
  • 5.0 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Summary
Matrix Media Repo (MMR) allows Server-Side Request Forgery (SSRF) on redirects and federation
Details

Impact

Under certain conditions, Matrix Media Repo (MMR) is vulnerable to server-side request forgery (SSRF): it can be made to fetch, and then serve, content from a private network that the MMR host itself can reach.

Patches

This is fixed in MMR v1.3.8.

Workarounds

Restrict which hosts MMR is allowed to contact, using (local) firewall rules or a transparent proxy.
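
The workaround above enforces the policy at the network layer; the same policy can also be applied inside a Go HTTP client, in the spirit of the agwa.name post cited in the references. The following is an added example, not code from matrix-media-repo and not the v1.3.8 fix: an http.Client whose CheckRedirect validates every redirect target and whose Dialer.Control validates every address actually connected to, rejecting loopback, private, link-local, multicast and unspecified ranges. The function names (checkRedirectTarget, checkDialAddress, newSafeClient, systemResolve), the five-hop redirect cap and the example URLs are this example's own assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/http"
	"net/url"
	"syscall"
	"time"
)

// isForbiddenIP: loopback, private (RFC 1918 / ULA), link-local (which covers
// 169.254.0.0/16), multicast and unspecified addresses are never fetched.
func isForbiddenIP(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() ||
		ip.IsLinkLocalMulticast() || ip.IsMulticast() || ip.IsUnspecified()
}

// checkDialAddress runs for every socket the client opens, after name resolution,
// so a name that (re-)resolves to an internal address is refused at connect time.
func checkDialAddress(address string) error {
	host, _, err := net.SplitHostPort(address)
	if err != nil {
		return err
	}
	ip := net.ParseIP(host)
	if ip == nil {
		return fmt.Errorf("refusing to dial non-literal address %q", address)
	}
	if isForbiddenIP(ip) {
		return fmt.Errorf("refusing to dial forbidden address %s", ip)
	}
	return nil
}

// checkRedirectTarget validates a Location target before it is followed: http/https
// only, a host must be present, and every resolved address must be allowed.
func checkRedirectTarget(target string, resolve func(string) ([]net.IP, error)) error {
	u, err := url.Parse(target)
	if err != nil {
		return err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return fmt.Errorf("redirect to unsupported scheme %q", u.Scheme)
	}
	host := u.Hostname()
	if host == "" {
		return errors.New("redirect target has no host")
	}
	ips, err := resolve(host)
	if err != nil {
		return err
	}
	if len(ips) == 0 {
		return fmt.Errorf("no addresses for %q", host)
	}
	for _, ip := range ips {
		if isForbiddenIP(ip) {
			return fmt.Errorf("redirect to %q resolves to forbidden address %s", host, ip)
		}
	}
	return nil
}

// systemResolve is the production resolver; IP literals pass through unchanged.
func systemResolve(host string) ([]net.IP, error) {
	if ip := net.ParseIP(host); ip != nil {
		return []net.IP{ip}, nil
	}
	return net.LookupIP(host)
}

// newSafeClient refuses internal redirect targets and connect addresses and caps the chain.
func newSafeClient(resolve func(string) ([]net.IP, error)) *http.Client {
	dialer := &net.Dialer{
		Control: func(_, address string, _ syscall.RawConn) error { return checkDialAddress(address) },
	}
	return &http.Client{
		Timeout:   30 * time.Second,
		Transport: &http.Transport{DialContext: dialer.DialContext},
		CheckRedirect: func(req *http.Request, via []*http.Request) error {
			if len(via) >= 5 {
				return errors.New("too many redirects")
			}
			return checkRedirectTarget(req.URL.String(), resolve)
		},
	}
}

func main() {
	// Constructed targets, all IP literals, so the check runs without DNS.
	for _, target := range []string{"https://203.0.113.10/file", // public, allowed
		"http://127.0.0.1:8080/internal", "http://169.254.169.254/", "http://[::1]/"} {
		fmt.Printf("%-32s -> %v\n", target, checkRedirectTarget(target, systemResolve))
	}
}
```

The redirect check alone is not sufficient: a hostname can answer with a public address when the target is validated and an internal one when the connection is made, which is why the connect-time check in Dialer.Control is the one that actually guards the socket. Firewall rules or a transparent proxy, as in the workaround above, provide the same guarantee outside the process.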

References

https://owasp.org/www-community/attacks/ServerSideRequestForgery
https://learn.snyk.io/lesson/ssrf-server-side-request-forgery/
https://www.agwa.name/blog/post/preventing_server_side_request_forgery_in_golang

Database specific
{
    "nvd_published_at": "2025-01-16T20:15:32Z",
    "cwe_ids": [
        "CWE-918"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2025-01-16T19:35:02Z"
}

Affected packages

Go / github.com/t2bot/matrix-media-repo

Package

Name
github.com/t2bot/matrix-media-repo
Purl
pkg:golang/github.com/t2bot/matrix-media-repo

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
1.3.8

Database specific

{
    "last_known_affected_version_range": "<= 1.3.7"
}