Описание
Synapse is an open-source Matrix homeserver. The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. This vulnerability is fixed in 1.120.1.
EPSS
Процентиль: 27%
0.00098
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-497
Связанные уязвимости
CVSS3: 4.3
ubuntu
около 1 года назад
Synapse is an open-source Matrix homeserver. The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. This vulnerability is fixed in 1.120.1.
CVSS3: 4.3
debian
около 1 года назад
Synapse is an open-source Matrix homeserver. The Sliding Sync feature ...
CVSS3: 4.3
github
около 1 года назад
Synapse Matrix has a partial room state leak via Sliding Sync
EPSS
Процентиль: 27%
0.00098
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-497