Homepage

matrix-synapse vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the matrix-synapse package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
Improper Validation of Specified Type of Input

<1.139.2-1
  • H
Improper Input Validation

<1.121.0-6
  • L
Missing Authentication for Critical Function

<1.116.0-1
  • L
Allocation of Resources Without Limits or Throttling

<1.116.0-1
  • H
Allocation of Resources Without Limits or Throttling

<1.121.0-1
  • M
CVE-2024-52815

<1.121.0-1
  • C
Unrestricted Upload of File with Dangerous Type

<1.121.0-1
  • L
Exposure of System Data to an Unauthorized Control Sphere

<1.121.0-1
  • L
CVE-2024-31208

<1.103.0-2
  • M
CVE-2023-43796

<1.95.1-1
  • M
Allocation of Resources Without Limits or Throttling

<1.94.0-1
  • M
Improper Authorization

<1.93.0-1
  • L
Cleartext Storage of Sensitive Information

<1.93.0-1
  • M
Improper Authentication

<1.90.0-1
  • M
Incorrect Authorization

<1.90.0-1
  • M
Information Exposure

<1.69.0-1
  • M
Improper Input Validation

<1.74.0-1
  • M
Resource Exhaustion

<1.68.0-1
  • M
Missing Release of Resource after Effective Lifetime

<1.53.0-1
  • H
Improper Handling of Exceptional Conditions

<1.63.0-1
  • M
Uncontrolled Recursion

<1.61.1-1
  • H
Directory Traversal

<1.47.1-1
  • L
Information Exposure

<1.41.1-1
  • L
Information Exposure

<1.41.1-1
  • M
Resource Exhaustion

<1.33.2-1
  • M
Improper Input Validation

<1.28.0-1
  • M
Improper Input Validation

<1.28.0-1
  • M
Open Redirect

<1.28.0-1
  • H
Cross-site Scripting (XSS)

<1.27.0-1
  • M
Arbitrary Code Injection

<1.27.0-1
  • M
Resource Exhaustion

<1.25.0-1
  • M
Open Redirect

<1.25.0-1
  • M
Resource Exhaustion

<1.24.0-1
  • H
Arbitrary Code Injection

<1.20.0-1
  • M
Cross-site Scripting (XSS)

<1.21.1-1
  • C
Insufficient Verification of Data Authenticity

<1.5.0-1
  • H
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

<0.99.2-5
  • H
Key Management Errors

<0.34.1.1-1
  • H
Improper Verification of Cryptographic Signature

<0.33.3.1-1
  • H
CVE-2018-12423

<0.31.2+dfsg-1
  • H
CVE-2018-12291

<0.31.1+dfsg-1
  • H
Improper Input Validation

<0.28.1+dfsg-1