Matrix Synapse Information Disclosure Vulnerability

Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the UK. An information disclosure vulnerability exists in Matrix Synapse versions prior to 1.95.1, prior to 1.96.0rc1, which stems from the ability to query a remote user's cached device information from...

PT-2023-28988 · Synapse +2 · Synapse +2

Name of the Vulnerable Software and Affected Versions: Synapse versions prior to 1.95.1 and 1.96.0rc1 Description: Synapse is an open-source Matrix homeserver. Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users can be queried from Synapse. This can be used to...