matrix_sydent is vulnerable to denial of service (DoS). The vulnerability exists as the body of the HTTP request is not limited, nor to limit the response size, causing the exhaustion of both disk space, and memory.
CPE | Name | Operator | Version |
---|---|---|---|
matrix-sydent | le | 2.2.0 |
github.com/matrix-org/sydent/commit/0523511d2fb40f2738f8a8549868f44b96e5dab7
github.com/matrix-org/sydent/commit/89071a1a754c69a50deac89e6bb74002d4cda19d
github.com/matrix-org/sydent/commit/f56eee315b6c44fdd9f6aa785cc2ec744a594428
github.com/matrix-org/sydent/compare/0523511d2fb40f2738f8a8549868f44b96e5dab7...89071a1a754c69a50deac89e6bb74002d4cda19d
github.com/matrix-org/sydent/releases/tag/v2.3.0
github.com/matrix-org/sydent/security/advisories/GHSA-wmg4-8cp2-hpg9
pypi.org/project/matrix-sydent/