Vulnerabilities > Matrix > Synapse > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-10-31 CVE-2023-43796 Synapse is an open-source Matrix homeserver Prior to versions 1.95.1 and 1.96.0rc1, cached device information of remote users can be queried from Synapse.
network
low complexity
matrix fedoraproject
5.3
2023-10-10 CVE-2023-45129 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation.
network
low complexity
matrix fedoraproject CWE-770
4.9
2023-09-27 CVE-2023-42453 Improper Authorization vulnerability in multiple products
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation.
network
low complexity
matrix fedoraproject CWE-285
4.3
2023-06-06 CVE-2023-32682 Improper Authentication vulnerability in Matrix Synapse
Synapse is a Matrix protocol homeserver written in Python with the Twisted framework.
network
low complexity
matrix CWE-287
5.4
2023-06-06 CVE-2023-32683 Incorrect Authorization vulnerability in Matrix Synapse
Synapse is a Matrix protocol homeserver written in Python with the Twisted framework.
network
low complexity
matrix CWE-863
5.4
2023-05-26 CVE-2022-39335 Information Exposure vulnerability in Matrix Synapse
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation.
network
high complexity
matrix CWE-200
5.0
2023-05-26 CVE-2022-39374 Resource Exhaustion vulnerability in Matrix Synapse
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation.
network
low complexity
matrix CWE-400
6.5
2023-05-26 CVE-2023-32323 Improper Input Validation vulnerability in Matrix Synapse
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation.
network
low complexity
matrix CWE-20
4.3
2022-11-22 CVE-2022-41952 Missing Release of Resource after Effective Lifetime vulnerability in Matrix Synapse
Synapse before 1.52.0 with URL preview functionality enabled will attempt to generate URL previews for media stream URLs without properly limiting connection time.
network
low complexity
matrix CWE-772
5.3
2022-06-28 CVE-2022-31052 Uncontrolled Recursion vulnerability in multiple products
Synapse is an open source home server implementation for the Matrix chat network.
network
low complexity
matrix fedoraproject CWE-674
6.5