Lucene search

K
osvGoogleOSV:GHSA-VMCC-4P4X-X7WG
HistoryMay 14, 2022 - 3:20 a.m.

Matrix Synapse DoS

2022-05-1403:20:03
Google
osv.dev
5

0.001 Low

EPSS

Percentile

41.7%

Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2<sup>63</sup> - 1 render rooms unusable, related to federation/federation_base.py and handlers/message.py, as exploited in the wild in April 2018.

0.001 Low

EPSS

Percentile

41.7%