Lucene search
GitHub_MCVELIST:CVE-2022-39374HistoryMay 26, 2023 - 1:44 p.m.
CVE-2022-39374 Synapse Denial of service due to incorrect application of event authorization rules during state resolution
2023-05-2613:44:44
CWE-400
GitHub_M
raw.githubusercontent.com
cve-2022-39374
synapse
denial of service
matrix homeserver
event authorization
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. If Synapse and a malicious homeserver are both joined to the same room, the malicious homeserver can trick Synapse into accepting previously rejected events into its view of the current state of that room. This can be exploited in a way that causes all further messages and state changes sent in that room from the vulnerable homeserver to be rejected. This issue has been patched in version 1.68.0
Related
alpinelinux
alpinelinux
CVE-2022-39374
2023-05-26 14:15:00
osv
osv
Synapse Denial of service due to incorrect application of event authorization rules during state resolution
2023-05-24 17:21:33
PYSEC-2023-66
2023-05-26 14:15:00
CVE-2022-39374
2023-05-26 14:15:10
debiancve
debiancve
CVE-2022-39374
2023-05-26 14:15:00
prion
prion
Code injection
2023-05-26 14:15:00
cve
cve
CVE-2022-39374
2023-05-26 14:15:00
github
github
ubuntucve
ubuntucve
CVE-2022-39374
2023-05-26 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-06-02 13:21:16
fedora
fedora
[SECURITY] Fedora 37 Update: python-matrix-common-1.3.0-7.fc37
2023-09-18 01:37:49
[SECURITY] Fedora 37 Update: matrix-synapse-1.80.0-5.fc37
2023-09-18 01:37:48
[SECURITY] Fedora 37 Update: rust-pythonize-0.19.0-1.fc37
2023-09-18 01:37:49
openvas
openvas
Fedora: Security Advisory for matrix-synapse (FEDORA-2023-c0696d7b53)
2023-09-19 00:00:00
Fedora: Security Advisory for python-matrix-common (FEDORA-2023-c0696d7b53)
2023-09-19 00:00:00
Fedora: Security Advisory for rust-pythonize (FEDORA-2023-c0696d7b53)
2023-09-19 00:00:00
nessus
nessus