Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-53867

Опубликовано: 03 дек. 2024
Источник: debian

Описание

Synapse is an open-source Matrix homeserver. The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. This vulnerability is fixed in 1.120.1.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
matrix-synapsefixed1.121.0-1package

Примечания

  • https://github.com/element-hq/synapse/security/advisories/GHSA-56w4-5538-8v8h

  • https://github.com/matrix-org/matrix-spec-proposals/pull/4186

Связанные уязвимости

ubuntu логотип

CVE-2024-53867

CVSS3: 4.3
ubuntu
около 1 года назад

Synapse is an open-source Matrix homeserver. The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. This vulnerability is fixed in 1.120.1.

nvd логотип

CVE-2024-53867

CVSS3: 4.3
nvd
около 1 года назад

Synapse is an open-source Matrix homeserver. The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. This vulnerability is fixed in 1.120.1.

github логотип

GHSA-56w4-5538-8v8h

CVSS3: 4.3
github
около 1 года назад

Synapse Matrix has a partial room state leak via Sliding Sync