Lucene search

CVE-2021-21273

🗓️ 26 Feb 2021 18:12:15Reported by [email protected]Type

Synapse Matrix server allows unauthorized requests to internal infrastructure before v1.25.

Reporter	Title	Published	Views	Family All 12
Cvelist	CVE-2021-21273 Open redirects on some federation and push requests	26 Feb 202117:25	–	cvelist
OSV	Open redirects on some federation and push requests	26 Feb 202117:28	–	osv
OSV	PYSEC-2021-131	26 Feb 202118:15	–	osv
OSV	CVE-2021-21273	26 Feb 202118:15	–	osv
Veracode	Insecure Access Controls	28 Feb 202101:22	–	veracode
Prion	Cross site request forgery (csrf)	26 Feb 202118:15	–	prion
Github Security Blog	Open redirects on some federation and push requests	26 Feb 202117:28	–	github
CVE	CVE-2021-21273	26 Feb 202118:15	–	cve
UbuntuCve	CVE-2021-21273	26 Feb 202100:00	–	ubuntucve
Debian CVE	CVE-2021-21273	26 Feb 202118:15	–	debiancve

Nvd

Node

matrix synapseRange<1.25.0

Node

fedoraproject fedoraMatch34

Source	Link
github	www.github.com/matrix-org/synapse/security/advisories/GHSA-v936-j8gp-9q3p
github	www.github.com/matrix-org/synapse/commit/30fba6210834a4ecd91badf0c8f3eb278b72e746
github	www.github.com/matrix-org/synapse/releases/tag/v1.25.0
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/
github	www.github.com/matrix-org/synapse/pull/8821

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Feb 2021 18:15Current

CVSS25.8

CVSS36.1

EPSS0.00122

CWE-601