Latest version: v1.121.1
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2023-43796 | 65800 |
Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 … |
|
MEDIUM | 5.3 |
| CVE-2023-45129 | 65801 |
Synapse is an open-source Matrix homeserver written and maintained by… |
|
MEDIUM | 4.9 |
| CVE-2023-32683 | 58943 |
Matrix-synapse 1.85.0 includes a security fix: URL deny list bypass v… |
|
MEDIUM | 5.4 |
| CVE-2023-32682 | 58942 |
Matrix-synapse 1.85.0 includes a security fix: Improper checks for de… |
|
MEDIUM | 5.4 |
| CVE-2023-32323 | 64197 |
Synapse is an open-source Matrix homeserver written and maintained by… |
|
MEDIUM | 4.3 |
| CVE-2022-39335 | 62766 |
Synapse is an open-source Matrix homeserver written and maintained by… |
|
MEDIUM | 5.0 |
| CVE-2023-41335 | 65798 |
Synapse is an open-source Matrix homeserver written and maintained by… |
|
LOW | 3.7 |
| CVE-2022-39374 | 62713 |
Synapse is an open-source Matrix homeserver written and maintained by… |
|
MEDIUM | 6.5 |
| CVE-2021-41281 | 42808 |
Matrix-synapse 1.47.1 includes a fix for CVE-2021-41281: Prior to ver… |
|
HIGH | 7.5 |
| CVE-2023-42453 | 65799 |
Synapse is an open-source Matrix homeserver written and maintained by… |
|
MEDIUM | 4.3 |
| CVE-2021-29471 | 40438 |
Matrix-synapse 1.33.2 includes a fix for CVE-2021-29471: Synapse is a… |
|
MEDIUM | 5.3 |
| PVE-2023-55173 | 55173 |
Matrix-synapse 1.33.0 includes a security fix: Denial of service (via… |
|
- | - |
| CVE-2021-21392 | 42303 |
Synapse 1.28.0 includes a fix for CVE-2021-21392: In Synapse before v… |
|
MEDIUM | 6.3 |
| CVE-2021-21333 | 40107 |
Matrix-synapse 1.27.0 includes a fix for CVE-2021-21333: In Synapse b… |
|
MEDIUM | 6.1 |
| CVE-2021-21332 | 40106 |
Matrix-synapse 1.27.0 includes a fix for CVE-2021-21332: In Synapse b… |
|
HIGH | 8.2 |
| CVE-2021-21273 | 39661 |
Matrix-synapse 1.25.0 includes a fix for CVE-2021-21273: Open redirec… |
|
MEDIUM | 6.1 |
| CVE-2024-53867 | 74421 |
Matrix-synapse can leak partial room state changes to users no longer… |
|
- | - |
| CVE-2024-53863 | 74422 |
Affected versions of Synapse are vulnerable to sensitive system infor… |
|
- | - |
| CVE-2024-52815 | 74423 |
Affected versions of Synapse are vulnerable to improper input validat… |
|
- | - |
| CVE-2024-52805 | 74424 |
Affected versions of Synapse are vulnerable to allocation of resource… |
|
- | - |
| CVE-2024-37303 | 74425 |
Affected versions of Synapse are vulnerable to Missing Authentication… |
|
- | - |
| CVE-2024-37302 | 74426 |
Affected versions of Synapse are vulnerable to Allocation of Resource… |
|
- | - |
| CVE-2024-31208 | 71894 |
Synapse is an open-source Matrix homeserver. A remote Matrix user wit… |
|
- | - |
| CVE-2021-21274 | 39662 |
Matrix-synapse 1.25.0 includes a fix for CVE-2021-21274: Denial of se… |
|
MEDIUM | 6.5 |
| CVE-2018-16515 | 67948 |
Matrix Synapse before 0.33.3.1 allows remote attackers to spoof event… |
|
HIGH | 8.8 |
| CVE-2018-12423 | 67947 |
In Synapse before 0.31.2, unauthorised users can hijack rooms when th… |
|
HIGH | 7.5 |
| CVE-2018-12291 | 67946 |
The on_get_missing_events function in handlers/federation.py in Matri… |
|
HIGH | 7.5 |
| CVE-2018-10657 | 65844 |
Matrix Synapse before 0.28.1 is prone to a denial of service flaw whe… |
|
HIGH | 7.5 |
| CVE-2021-21393 | 42304 |
Synapse 1.28.0 includes a fix for CVE-2021-21393. Missing input valid… |
|
MEDIUM | 6.5 |
| CVE-2021-21394 | 42305 |
Synapse 1.28.0 includes a fix for CVE-2021-21394: Synapse before vers… |
|
MEDIUM | 6.5 |
| CVE-2022-31152 | 54524 |
Synapse is an open-source Matrix homeserver written and maintained by… |
|
HIGH | 7.5 |
| CVE-2022-31052 | 54430 |
Synapse is an open source home server implementation for the Matrix c… |
|
MEDIUM | 6.5 |
| CVE-2022-41952 | 54590 |
Synapse before 1.52.0 with URL preview functionality enabled will att… |
|
MEDIUM | 5.3 |
| CVE-2019-18835 | 54217 |
Matrix Synapse before 1.5.0 mishandles signature checking on some fed… |
|
CRITICAL | 9.8 |
| CVE-2021-39164 | 54315 |
Matrix is an ecosystem for open federated Instant Messaging and Voice… |
|
LOW | 3.1 |
| CVE-2021-39163 | 54333 |
Matrix is an ecosystem for open federated Instant Messaging and Voice… |
|
LOW | 3.1 |
| CVE-2020-26257 | 54252 |
Matrix is an ecosystem for open federated Instant Messaging and VoIP.… |
|
MEDIUM | 6.5 |
| CVE-2020-26891 | 54234 |
AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS … |
|
MEDIUM | 6.1 |
| CVE-2020-26890 | 54308 |
Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, In… |
|
HIGH | 7.5 |
| CVE-2019-11842 | 54137 |
An issue was discovered in Matrix Sydent before 1.0.3 and Synapse bef… |
|
HIGH | 7.5 |
| CVE-2019-5885 | 54170 |
Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authenti… |
|
HIGH | 7.5 |