Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-6qf2-7x63-mm6v
  • PyPI/matrix-synapse
 Synapse pagination Denial of Service 14 May
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-8q93-326v-3m7g
  • PyPI/matrix-synapse
 Synapse CPU starvation (Denial of Service) 14 May
  • Fix available
  • Severity - 7.1 (High)
GHSA-fh66-fcv5-jjfr
  • PyPI/matrix-synapse
 Synapse's invalid device keys degrade federation functionality 08 Oct 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-v56r-hwv5-mxg6
  • PyPI/matrix-synapse
 Synapse vulnerable to federation denial of service via malformed events 27 Mar 2025
  • Fix available
  • Severity - 7.1 (High)
GHSA-56w4-5538-8v8h
  • PyPI/matrix-synapse
 Synapse Matrix has a partial room state leak via Sliding Sync 03 Dec 2024
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-vp6v-whfm-rv3g
  • PyPI/matrix-synapse
 Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders 03 Dec 2024
  • Fix available
  • Severity - 8.2 (High)
GHSA-f3r3-h2mq-hx2h
  • PyPI/matrix-synapse
 Synapse allows a a malformed invite to break the invitee's `/sync` 03 Dec 2024
  • Fix available
  • Severity - 8.7 (High)
GHSA-rfq8-j7rh-8hf2
  • PyPI/matrix-synapse
 Synapse allows unsupported content types to lead to memory exhaustion 03 Dec 2024
  • Fix available
  • Severity - 8.2 (High)
GHSA-gjgr-7834-rhxr
  • PyPI/matrix-synapse
 Synapse's unauthenticated writes to the media repository allow planting of problematic content 03 Dec 2024
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-4mhg-xv73-xq2x
  • PyPI/matrix-synapse
 Synapse denial of service through media disk space consumption 03 Dec 2024
  • Fix available
  • Severity - 8.7 (High)
PYSEC-2024-287
  • PyPI/matrix-synapse
 See record for full details 03 Dec 2024
  • Fix available
  • Severity - 5.3 (Medium)
PYSEC-2024-286
  • PyPI/matrix-synapse
 See record for full details 03 Dec 2024
  • Fix available
  • Severity - 7.5 (High)
GHSA-3h7q-rfh9-xm4v
  • PyPI/matrix-synapse
 Synapse V2 state resolution weakness allows Denial of Service (DoS) 23 Apr 2024
  • Fix available
  • Severity - 6.5 (Medium)
PYSEC-2024-50
  • PyPI/matrix-synapse
  • github.com/element-hq/synapse
 See record for full details 23 Apr 2024
  • Fix available
GHSA-mp92-3jfm-3575
  • PyPI/matrix-synapse
 Synapse vulnerable to leak of remote user device information 31 Oct 2023
  • Fix available
  • Severity - 5.3 (Medium)
PYSEC-2023-230
  • PyPI/matrix-synapse
  • github.com/matrix-org/synapse
 See record for full details 31 Oct 2023
  • Fix available
  • Severity - 5.3 (Medium)
Load more...