Synapse Security Vulnerabilities and Issues — Synapse CVE List

Lucene search

MatrixSynapse

3 matches found

CVE•added 2021/08/31 4:15 p.m.•117 views

CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable homes...

3.5CVSS3.7AI score0.00272EPSS

CVE•added 2021/08/31 5:15 p.m.•114 views

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership (list of members, with their display names) of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history ...

3.5CVSS3.9AI score0.00502EPSS

CVE•added 2023/09/27 3:19 p.m.•73 views

CVE-2023-41335

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabilities—it already learns the users' passwords as pa...

3.7CVSS4.3AI score0.00076EPSS