Debian Matrix-Synapse vulnerabilities

CVE-2022-39335 [MEDIUM] CVE-2022-39335: matrix-synapse - Synapse is an open-source Matrix homeserver written and maintained by the Matrix... Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix Federation API allows remote homeservers to request the authorization events in a room. This is necessary so that a homeserver receiving some events can validate that those events are legitimate and permitted in their room. However, in versions of Syn

CVE-2022-31152 [MEDIUM] CVE-2022-31152: matrix-synapse - Synapse is an open-source Matrix homeserver written and maintained by the Matrix... Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix specification specifies a list of [event authorization rules](https://spec.matrix.org/v1.2/rooms/v9/#authorization-rules) which must be checked when determining if an event should be accepted into a room. In versions of Synapse up to and including ver

CVE-2022-39374 [MEDIUM] CVE-2022-39374: matrix-synapse - Synapse is an open-source Matrix homeserver written and maintained by the Matrix... Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. If Synapse and a malicious homeserver are both joined to the same room, the malicious homeserver can trick Synapse into accepting previously rejected events into its view of the current state of that room. This can be exploited in a way that causes all further m

CVE-2021-41281 [HIGH] CVE-2021-41281: matrix-synapse - Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior t... Synapse is a package for Matrix homeservers written in Python 3/Twisted. Prior to version 1.47.1, Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory. No authentication is required for the affected endpoint. The last 2 directories and file name of the path are chosen rando

CVE-2021-21394 [MEDIUM] CVE-2021-21394: matrix-synapse - Synapse is a Matrix reference homeserver written in python (pypi package matrix-... Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory lea

CVE-2021-21274 [MEDIUM] CVE-2021-21274: matrix-synapse - Synapse is a Matrix reference homeserver written in python (pypi package matrix-... Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to a denial of service attack where homeservers will consume

CVE-2021-21333 [MEDIUM] CVE-2021-21333: matrix-synapse - Synapse is a Matrix reference homeserver written in python (pypi package matrix-... Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the notification emails sent for notifications for missed messages or for an expiring account are subject to HTML injection. In the case of the notification for miss

CVE-2021-21393 [MEDIUM] CVE-2021-21393: matrix-synapse - Synapse is a Matrix reference homeserver written in python (pypi package matrix-... Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory lea

CVE-2021-21332 [MEDIUM] CVE-2021-21332: matrix-synapse - Synapse is a Matrix reference homeserver written in python (pypi package matrix-... Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.27.0, the password reset endpoint served via Synapse was vulnerable to cross-site scripting (XSS) attacks. The impact depends on the configuration of the domain that Synap

CVE-2021-21392 [MEDIUM] CVE-2021-21392: matrix-synapse - Synapse is a Matrix reference homeserver written in python (pypi package matrix-... Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity s

CVE-2021-29471 [LOW] CVE-2021-29471: matrix-synapse - Synapse is a Matrix reference homeserver written in python (pypi package matrix-... Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.33.2 "Push rules" can specify conditions under which they will match, including `event_match`, which matches event content against a pattern including wildcards. Certain patt

CVE-2021-39163 [LOW] CVE-2021-39163: matrix-synapse - Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. I... Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable homeserver is in the room and untrusted users are permitted to creat

CVE-2021-39164 [LOW] CVE-2021-39164: matrix-synapse - Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. I... Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership (list of members, with their display names) of a room if they know the ID of the room. The vulnerability is limited to rooms with `shared` history visibility. Furthermore, the unauthorised user must be using

CVE-2021-21273 [LOW] CVE-2021-21273: matrix-synapse - Synapse is a Matrix reference homeserver written in python (pypi package matrix-... Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, requests to user provided domains were not restricted to external IP addresses when calculating the key validity for third-party invite events and sending push notifica

CVE-2020-26890 [HIGH] CVE-2020-26890: matrix-synapse - Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and... Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. If such a malformed event is accepted into the room's state, the impact is long-lasting and is not fixed by a

CVE-2020-26891 [MEDIUM] CVE-2020-26891: matrix-synapse - AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS due to unsa... AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS due to unsafe interpolation of the session GET parameter. This allows a remote attacker to execute an XSS attack on the domain Synapse is hosted on, by supplying the victim user with a malicious URL to the /_matrix/client/r0/auth/*/fallback/web or /_matrix/client/unstable/auth/*/fallback/w

CVE-2020-26257 [MEDIUM] CVE-2020-26257: matrix-synapse - Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is... Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix. A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id in the path of a `/send_join`, `/send_leave`, `/invite` or `/exchange_third_party_invite` request. This can

CVE-2019-18835 [CRITICAL] CVE-2019-18835: matrix-synapse - Matrix Synapse before 1.5.0 mishandles signature checking on some federation API... Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /send_join, /send_leave, and /invite may not be correctly signed, or may not come from the expected servers. Scope: local forky: resolved (fixed in 1.5.0-1) sid: resolved (fixed in 1.5.0-1)

CVE-2019-11842 [HIGH] CVE-2019-11842: matrix-synapse - An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.... An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID. Scope: local forky: resolved (fixed in 0.99.2-5) sid: resolved (fixed in 0.99.2-5)

CVE-2019-5885 [HIGH] CVE-2019-5885: matrix-synapse - Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication para... Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users. Scope: local forky: resolved (fixed in 0.34.1.1-1) sid: resolved (fixed in 0.34.1.1-1)