Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

pypi

matrix-synapse

pypi · Homeserver for the Matrix decentralised comms protocol · Repository · Package

Security Advisories for matrix-synapse in pypi

High
6 months ago

Synapse vulnerable to federation denial of service via malformed events GSA_kwCzR0hTQS12NTZyLWh3djUtbXhnNs4ABGAZ

pypi matrix-synapse
Moderate
10 months ago

Synapse Matrix has a partial room state leak via Sliding Sync GSA_kwCzR0hTQS01Nnc0LTU1MzgtOHY4aM4ABCBE

pypi matrix-synapse
High
10 months ago

Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders GSA_kwCzR0hTQS12cDZ2LXdoZm0tcnYzZ84ABCBD

pypi matrix-synapse
High
10 months ago

Synapse allows a a malformed invite to break the invitee's `/sync` GSA_kwCzR0hTQS1mM3IzLWgybXEtaHgyaM4ABCBB

pypi matrix-synapse
High
10 months ago

Synapse allows unsupported content types to lead to memory exhaustion GSA_kwCzR0hTQS1yZnE4LWo3cmgtOGhmMs4ABCBA

pypi matrix-synapse
Moderate
10 months ago

Synapse's unauthenticated writes to the media repository allow planting of problematic content GSA_kwCzR0hTQS1namdyLTc4MzQtcmh4cs4ABCA_

pypi matrix-synapse
High
10 months ago

Synapse denial of service through media disk space consumption GSA_kwCzR0hTQS00bWhnLXh2NzMteHEyeM4ABCA-

pypi matrix-synapse
Moderate
over 1 year ago

Synapse V2 state resolution weakness allows Denial of Service (DoS) GSA_kwCzR0hTQS0zaDdxLXJmaDkteG00ds4AA7QQ

pypi matrix-synapse
Moderate
almost 2 years ago

Synapse vulnerable to leak of remote user device information GSA_kwCzR0hTQS1tcDkyLTNqZm0tMzU3Nc4AA206

pypi matrix-synapse
Moderate
almost 2 years ago

matrix-synapse vulnerable to denial of service due to malicious server ACL events GSA_kwCzR0hTQS01Y2hyLXdqdzUtM2dxNM4AA2X1

pypi matrix-synapse
Moderate
about 2 years ago

matrix-synapse vulnerable to improper validation of receipts allows forged read receipts GSA_kwCzR0hTQS03NTY1LWNxMzItdngyeM4AA2C2

pypi matrix-synapse
Low
about 2 years ago

matrix-synapse vulnerable to temporary storage of plaintext passwords during password changes GSA_kwCzR0hTQS00Zjc0LTg0djMtajlxNc4AA2C1

pypi matrix-synapse
Moderate
over 2 years ago

Synapse has URL deny list bypass via oEmbed and image URLs when generating previews GSA_kwCzR0hTQS05OHB4LTY0ODYtajdxY84AAzr1

pypi matrix-synapse
Moderate
over 2 years ago

Synapse has improper checks for deactivated users during login GSA_kwCzR0hTQS0yNmM1LXBwcjgtZjMzcM4AAzr0

pypi matrix-synapse
Moderate
over 2 years ago

Synapse Outgoing federation to specific hosts can be disabled by sending malicious invites GSA_kwCzR0hTQS1mM3djLTN2eHYteG12cs4AAzdM

pypi matrix-synapse
High
over 2 years ago

Synapse Denial of service due to incorrect application of event authorization rules during state resolution GSA_kwCzR0hTQS1wOXFwLWM0NTItZjlyN84AAzdK

pypi matrix-synapse
High
over 2 years ago

Synapse does not apply enough checks to servers requesting auth events of events in a room GSA_kwCzR0hTQS00NWNqLWY5N2YtZ2d3ds4AAzdJ

pypi matrix-synapse
High
about 3 years ago

Denial of service due to incorrect application of event authorization rules GSA_kwCzR0hTQS1qaGpoLTc3Nm0tNDc2Nc4AAujv

pypi matrix-synapse
High
over 3 years ago

URL previews of unusual or maliciously-crafted pages can crash Synapse media repositories or Synapse monoliths GSA_kwCzR0hTQS0yMnAzLXFyaDktY3gzMs4AAtBv

pypi matrix-synapse
High
over 3 years ago

Improper Verification of Cryptographic Signature in matrix-synapse GSA_kwCzR0hTQS1jcHB3LTJtZjgtcXBtNc4AAq-J

pypi matrix-synapse
High
over 3 years ago

matrix-sydent and matrix-synapse Use Cryptographically Weak PRNG GSA_kwCzR0hTQS1nd2Y3LXZmamYtd2Y2eM4AAgqX

pypi matrix-synapse, matrix-sydent
High
over 3 years ago

Matrix Synapse DoS GSA_kwCzR0hTQS12bWNjLTRwNHgteDd3Z84AAWzZ

pypi matrix-synapse
High
over 3 years ago

Matrix Synapse Improper Signature Validation GSA_kwCzR0hTQS1mbXZoLXJ2cTUtaGhqeM4AASvD

pypi matrix-synapse
High
over 3 years ago

Matrix Synapse Authorization Error GSA_kwCzR0hTQS1jaDV2LWZoZzgtN2d2Oc4AASpv

pypi matrix-synapse
High
over 3 years ago

Matrix Synapse Security Filtering Flaw GSA_kwCzR0hTQS12OHdtLWc5ZjIteGp2NM4AASqT

pypi matrix-synapse
High
over 3 years ago

Matrix Synapse Predictable Secret Key GSA_kwCzR0hTQS1qcnFtLXY4Y3YtNTN3d83vAg

pypi matrix-synapse
Moderate
over 3 years ago

Uncontrolled Resource Consumption in Matrix Synapse GSA_kwCzR0hTQS00ODIyLWp2d3gtdzQ3aM03pA

pypi matrix-synapse
High
almost 4 years ago

Path traversal in Matrix Synapse GSA_kwCzR0hTQS0zaGZ3LXg3Z3gtNDM3Y80X4Q

pypi matrix-synapse
Low
about 4 years ago

Adding a private/unlisted room to a community exposes room metadata in an unauthorised manner. MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpqNTMtOGZtdy1mMncy

pypi matrix-synapse
Low
about 4 years ago

Improper authorisation of members discloses room membership to non-members MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN4NGMtcHEzMy00dzNx

pypi matrix-synapse
Moderate
over 4 years ago

Denial of service (via resource exhaustion) due to improper input validation in third-party identifier endpoint MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdoNXYtODV3OS1wcTZj

pypi matrix-synapse
Moderate
over 4 years ago

Denial of service attack via push rule patterns in matrix-synapse MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgzNDUtMzJyYy04aDg1

pypi matrix-synapse
High
over 4 years ago

Open redirect via transitional IPv6 addresses on dual-stack networks MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV3cmgtNGp3di01dzc4

pypi matrix-synapse
Moderate
over 4 years ago

Denial of service (via resource exhaustion) due to improper input validation on third-party identifier endpoints MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc5ZmcteGZmaC1wMzYy

pypi matrix-synapse
Moderate
over 4 years ago

Denial of service (via resource exhaustion) due to improper input validation on groups/communities endpoints MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpyaDctbWhoeC02aDg4

pypi matrix-synapse
Moderate
over 4 years ago

HTML injection in email and account expiry notifications MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1ZjgtMzVxci1xNGZt

pypi matrix-synapse
Moderate
over 4 years ago

Cross-site scripting (XSS) vulnerability in the password reset endpoint MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI0NnctNTZtMi01ODk5

pypi matrix-synapse
Moderate
over 4 years ago

Denial of service attack via .well-known lookups MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJod3gtbWpybS12M2c4

pypi matrix-synapse
Moderate
over 4 years ago

Open redirects on some federation and push requests MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY5MzYtajhncC05cTNw

pypi matrix-synapse
High
almost 5 years ago

Denial of service attack via incorrect parameters in Matrix Synapse MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4bXAtcHFjaC1jOG1t

pypi matrix-synapse
High
almost 5 years ago

Denial of service attack due to invalid JSON MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRtcDMtMzg1ci12NjNm

pypi matrix-synapse
Moderate
almost 5 years ago

Cross-site scripting (XSS) vulnerability in the fallback authentication endpoint MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTN4OGMtZm1wYy01cm1x

pypi matrix-synapse

Filter by Severity

High 20 Moderate 19 Low 3