3 matches found
CVE-2022-31152 Synapse vulnerable to denial of service (DoS) due to incorrect application of event authorization rules
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix specification specifies a list of event authorization rules which must be checked when determining if an event should be accepted into a room. In versions of Synapse up to and including...
CVE-2022-31152
CVE-2022-31152 affects the Synapse Matrix homeserver. Up to version 1.61.0, some event authorization rules are not correctly applied, allowing crafted events to be accepted by Synapse but not by a spec-conformant server. This can cause divergence in room state between federation-enabled servers. ...
CVE-2022-31152 Synapse vulnerable to denial of service (DoS) due to incorrect application of event authorization rules
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix specification specifies a list of event authorization rules which must be checked when determining if an event should be accepted into a room. In versions of Synapse up to and including...