CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37303 – Synapse unauthenticated writes to the media repository allow planting of problematic content
https://notcve.org/view.php?id=CVE-2024-37303
03 Dec 2024 — Synapse is an open-source Matrix homeserver. Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the local homeserver in an unauthenticated way. The implication is that unauthenticated remote adversaries can use this functionality to plant problematic content into the media repository. Synapse 1.106 introduces a p... • https://github.com/element-hq/synapse/security/advisories/GHSA-gjgr-7834-rhxr • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37302 – Synapse denial of service through media disk space consumption
https://notcve.org/view.php?id=CVE-2024-37302
03 Dec 2024 — Synapse is an open-source Matrix homeserver. Synapse versions before 1.106 are vulnerable to a disk fill attack, where an unauthenticated adversary can induce Synapse to download and cache large amounts of remote media. The default rate limit strategy is insufficient to mitigate this. This can lead to a denial of service, ranging from further media uploads/downloads failing to completely unavailability of the Synapse process, depending on how Synapse was deployed. Synapse 1.106 introduces a new "leaky bucke... • https://github.com/element-hq/synapse/security/advisories/GHSA-4mhg-xv73-xq2x • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52805 – Synapse allows unsupported content types to lead to memory exhaustion
https://notcve.org/view.php?id=CVE-2024-52805
03 Dec 2024 — Synapse is an open-source Matrix homeserver. In Synapse before 1.120.1, multipart/form-data requests can in certain configurations transiently increase memory consumption beyond expected levels while processing the request, which can be used to amplify denial of service attacks. Synapse 1.120.1 resolves the issue by denying requests with unsupported multipart/form-data content type. • https://github.com/element-hq/synapse/security/advisories/GHSA-rfq8-j7rh-8hf2 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-52815 – Synapse allows a a malformed invite to break the invitee's `/sync`
https://notcve.org/view.php?id=CVE-2024-52815
03 Dec 2024 — Synapse is an open-source Matrix homeserver. Synapse versions before 1.120.1 fail to properly validate invites received over federation. This vulnerability allows a malicious server to send a specially crafted invite that disrupts the invited user's /sync functionality. Synapse 1.120.1 rejects such invalid invites received over federation and restores the ability to sync for affected users. • https://github.com/element-hq/synapse/security/advisories/GHSA-f3r3-h2mq-hx2h • CWE-20: Improper Input Validation •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-53863 – Synapse can be forced to thumbnail unexpected file formats, invoking external, potentially untrustworthy decoders
https://notcve.org/view.php?id=CVE-2024-53863
03 Dec 2024 — Synapse is an open-source Matrix homeserver. In Synapse versions before 1.120.1, enabling the dynamic_thumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for processing. This significantly expands the attack surface in a historically vulnerable area, presenting a risk that far outweighs the benefit, particularly since these formats are rarely used on the open web or wit... • https://github.com/element-hq/synapse/security/advisories/GHSA-vp6v-whfm-rv3g • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31208 – Synapse's V2 state resolution weakness allows DoS from remote room members
https://notcve.org/view.php?id=CVE-2024-31208
23 Apr 2024 — Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate excessive data in the database of such instances, resulting in a denial of service. Servers in private federations, or those that do not federate, are not affected. Server administrators should upgrade to 1.105.1 or lat... • https://github.com/element-hq/synapse/commit/55b0aa847a61774b6a3acdc4b177a20dc019f01a • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2023-43796 – Synapse vulnerable to leak of remote user device information
https://notcve.org/view.php?id=CVE-2023-43796
31 Oct 2023 — Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver. System administrators are encouraged to upgrade to Synapse 1.95.1 or 1.96.0rc1 to receive a patch. As a workaround, the `federation_domain_whitelist` can be used to limit federation traffic with a homeserver. Synapse es un servidor doméstico Matrix de código abierto. • https://github.com/matrix-org/synapse/commit/daec55e1fe120c564240c5386e77941372bf458f • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-45129 – matrix-synapse vulnerable to denial of service due to malicious server ACL events
https://notcve.org/view.php?id=CVE-2023-45129
10 Oct 2023 — Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Prior to version 1.94.0, a malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service. Homeservers running on a closed federation (which presumably do not need to use server ACLs) are not affected. Server administrators are advised to upgrade to Synapse 1.94.0 or later. As a workaround, rooms with malicious server ACL events can be purged and blocked us... • https://github.com/matrix-org/synapse/pull/16360 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 4CVE-2022-47631 – Razer Synapse Race Condition / DLL Hijacking
https://notcve.org/view.php?id=CVE-2022-47631
14 Sep 2023 — Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write access for the SYSTEM user. Although the service will not start if it detects malicious DLLs in this directory, attackers can exploit a race condition and replace a valid DLL (i.e., a copy of a legitimate Razer DLL) with a malicious DLL... • https://packetstorm.news/files/id/174696 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32683 – URL deny list bypass via oEmbed and image URLs when generating previews in Synapse
https://notcve.org/view.php?id=CVE-2023-32683
06 Jun 2023 — Synapse is a Matrix protocol homeserver written in Python with the Twisted framework. A discovered oEmbed or image URL can bypass the `url_preview_url_blacklist` setting potentially allowing server side request forgery or bypassing network policies. Impact is limited to IP addresses allowed by the `url_preview_ip_range_blacklist` setting (by default this only allows public IPs) and by the limited information returned to the client: 1. For discovered oEmbed URLs, any non-JSON response or a JSON response whic... • https://github.com/matrix-org/synapse/pull/15601 • CWE-863: Incorrect Authorization CWE-918: Server-Side Request Forgery (SSRF) •