5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
41.4%
matrix-synapse is vulnerable to Server-Side Request Forgery. The vulnerability exists in the preview
function in url_previewer.py
because it doesn’t properly validate blacklist urls, which allows a remote attacker to cause an SSRF bypass via a crafted url.
github.com/advisories/GHSA-98px-6486-j7qc
github.com/matrix-org/synapse/commit/4ee82c0576baed6358e3818e8c22e01bde6afd02
github.com/matrix-org/synapse/pull/15601
github.com/matrix-org/synapse/releases/tag/v1.85.0
github.com/matrix-org/synapse/security/advisories/GHSA-98px-6486-j7qc
lists.fedoraproject.org/archives/list/[email protected]/message/X6DH5A5YEB5LRIPP32OUW25FCGZFCZU2/