matrix-synapse vulnerabilities

Homeserver for the Matrix decentralised comms protocol

latest version

1.121.1

latest non vulnerable version

1.121.1

first published

6 years ago

latest version published

23 days ago

licenses detected

AGPL-3.0
[1.99.0rc1,)
Apache-2.0
[0.33.5,1.99.0rc1)

View matrix-synapse package health on Snyk Advisor (opens in a new tab)

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the matrix-synapse package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Improper Input Validation	[,1.120.2)
H Allocation of Resources Without Limits or Throttling	[,1.106.0)
M Missing Authentication for Critical Function	[,1.106.0)
M Exposure of Sensitive System Information to an Unauthorized Control Sphere	[1.113.0rc1,1.120.2)
H Arbitrary File Upload	[,1.120.2)
H Allocation of Resources Without Limits or Throttling	[,1.120.2)
M Allocation of Resources Without Limits or Throttling	[,1.105.1)
M Information Exposure	[,1.95.1)
M Allocation of Resources Without Limits or Throttling	[,1.94.0rc1)
M Improper Input Validation	[0.34.0,1.93.0)
M Information Exposure	[1.66.0,1.93.0)
H Denial of Service (DoS)	[,0.34.0)
M Incorrect Authorization	[,1.85.0rc1)
L Server-side Request Forgery (SSRF)	[,1.85.0rc1)
M Denial of Service (DoS)	[,1.74.0rc1)
M Denial of Service (DoS)	[1.62.0,1.68.0rc1)
L Access Restriction Bypass	[,1.69.0rc1)
M Allocation of Resources Without Limits or Throttling	[,1.53.0)
M Denial of Service (DoS)	[,1.62.0)
M Uncontrolled Recursion	[,1.61.1)
H Directory Traversal	[,1.47.1)
M Information Exposure	[,1.41.1)
L Information Exposure	[,1.41.1)
H Insufficiently Protected Credentials	[,0.34.0.1)
M Insecure Randomness	[,0.99.3.1)
H Denial of Service (DoS)	[,1.33.0)
L Denial of Service (DoS)	[,1.33.2)
M Denial of Service (DoS)	[,1.28.0)
M Open Redirect	[,1.28.0)
M Denial of Service (DoS)	[,1.28.0)
H Cross-site Scripting (XSS)	[,1.27.0)
M Improper Input Validation	[,1.27.0)
L Insecure Defaults	[,1.25.0)
M Denial of Service (DoS)	[0.99.0,1.25.0rc1)
M Denial of Service (DoS)	[,1.23.1)
H Denial of Service (DoS)	[,1.20.0)
M Cross-site Scripting (XSS)	[,1.21.0)
H Insufficient Verification of Data Authenticity	[,1.5.0rc2)

Package versions

1 - 100 of 419 Results

version	published	direct vulnerabilities
1.121.1	11 Dec, 2024	0 C 0 H 0 M 0 L
1.121.0	11 Dec, 2024	0 C 0 H 0 M 0 L
1.121.0rc1	4 Dec, 2024	0 C 0 H 0 M 0 L
1.120.2	3 Dec, 2024	0 C 0 H 0 M 0 L
1.120.0	26 Nov, 2024	0 C 3 H 1 M 0 L
1.120.0rc1	20 Nov, 2024	0 C 3 H 1 M 0 L
1.119.0	13 Nov, 2024	0 C 3 H 1 M 0 L
1.119.0rc2	11 Nov, 2024	0 C 3 H 1 M 0 L
1.118.0	29 Oct, 2024	0 C 3 H 1 M 0 L
1.118.0rc1	22 Oct, 2024	0 C 3 H 1 M 0 L
1.117.0	15 Oct, 2024	0 C 3 H 1 M 0 L
1.117.0rc1	8 Oct, 2024	0 C 3 H 1 M 0 L
1.116.0	1 Oct, 2024	0 C 3 H 1 M 0 L
1.116.0rc2	26 Sep, 2024	0 C 3 H 1 M 0 L
1.116.0rc1	25 Sep, 2024	0 C 3 H 1 M 0 L
1.115.0	17 Sep, 2024	0 C 3 H 1 M 0 L
1.115.0rc2	12 Sep, 2024	0 C 3 H 1 M 0 L
1.115.0rc1	10 Sep, 2024	0 C 3 H 1 M 0 L
1.114.0	2 Sep, 2024	0 C 3 H 1 M 0 L
1.114.0rc3	30 Aug, 2024	0 C 3 H 1 M 0 L
1.114.0rc1	20 Aug, 2024	0 C 3 H 1 M 0 L
1.113.0	13 Aug, 2024	0 C 3 H 1 M 0 L
1.113.0rc1	6 Aug, 2024	0 C 3 H 1 M 0 L
1.112.0	30 Jul, 2024	0 C 3 H 0 M 0 L
1.112.0rc1	23 Jul, 2024	0 C 3 H 0 M 0 L
1.111.1	30 Jul, 2024	0 C 3 H 0 M 0 L
1.111.0	16 Jul, 2024	0 C 3 H 0 M 0 L
1.111.0rc2	10 Jul, 2024	0 C 3 H 0 M 0 L
1.111.0rc1	9 Jul, 2024	0 C 3 H 0 M 0 L
1.110.0	3 Jul, 2024	0 C 3 H 0 M 0 L
1.110.0rc3	2 Jul, 2024	0 C 3 H 0 M 0 L
1.110.0rc2	26 Jun, 2024	0 C 3 H 0 M 0 L
1.109.0	18 Jun, 2024	0 C 3 H 0 M 0 L
1.109.0rc3	17 Jun, 2024	0 C 3 H 0 M 0 L
1.109.0rc2	11 Jun, 2024	0 C 3 H 0 M 0 L
1.109.0rc1	4 Jun, 2024	0 C 3 H 0 M 0 L
1.108.0	28 May, 2024	0 C 3 H 0 M 0 L
1.108.0rc1	21 May, 2024	0 C 3 H 0 M 0 L
1.107.0	14 May, 2024	0 C 3 H 0 M 0 L
1.107.0rc1	7 May, 2024	0 C 3 H 0 M 0 L
1.106.0	30 Apr, 2024	0 C 3 H 0 M 0 L
1.106.0rc1	25 Apr, 2024	0 C 4 H 1 M 0 L
1.105.1	23 Apr, 2024	0 C 4 H 1 M 0 L
1.105.0	16 Apr, 2024	0 C 4 H 2 M 0 L
1.105.0rc1	11 Apr, 2024	0 C 4 H 2 M 0 L
1.104.0	2 Apr, 2024	0 C 4 H 2 M 0 L
1.104.0rc1	26 Mar, 2024	0 C 4 H 2 M 0 L
1.103.0	19 Mar, 2024	0 C 4 H 2 M 0 L
1.103.0rc1	12 Mar, 2024	0 C 4 H 2 M 0 L
1.102.0	5 Mar, 2024	0 C 4 H 2 M 0 L
1.102.0rc1	20 Feb, 2024	0 C 4 H 2 M 0 L
1.101.0	13 Feb, 2024	0 C 4 H 2 M 0 L
1.101.0rc1	6 Feb, 2024	0 C 4 H 2 M 0 L
1.100.0	31 Jan, 2024	0 C 4 H 2 M 0 L
1.100.0rc3	24 Jan, 2024	0 C 4 H 2 M 0 L
1.100.0rc2	24 Jan, 2024	0 C 4 H 2 M 0 L
1.99.0	16 Jan, 2024	0 C 4 H 2 M 0 L
1.99.0rc1	9 Jan, 2024	0 C 4 H 2 M 0 L
1.98.0	12 Dec, 2023	0 C 4 H 2 M 0 L
1.98.0rc1	5 Dec, 2023	0 C 4 H 2 M 0 L
1.97.0	28 Nov, 2023	0 C 4 H 2 M 0 L
1.97.0rc1	21 Nov, 2023	0 C 4 H 2 M 0 L
1.96.1	17 Nov, 2023	0 C 4 H 2 M 0 L
1.96.0rc1	31 Oct, 2023	0 C 4 H 2 M 0 L
1.95.1	31 Oct, 2023	0 C 4 H 2 M 0 L
1.95.0	24 Oct, 2023	0 C 4 H 3 M 0 L
1.95.0rc1	17 Oct, 2023	0 C 4 H 3 M 0 L
1.94.0	10 Oct, 2023	0 C 4 H 3 M 0 L
1.94.0rc1	3 Oct, 2023	0 C 4 H 3 M 0 L
1.93.0	26 Sep, 2023	0 C 4 H 4 M 0 L
1.93.0rc1	19 Sep, 2023	0 C 4 H 6 M 0 L
1.92.3	18 Sep, 2023	0 C 4 H 6 M 0 L
1.92.2	15 Sep, 2023	0 C 4 H 6 M 0 L
1.92.1	12 Sep, 2023	0 C 4 H 6 M 0 L
1.92.0rc1	5 Sep, 2023	0 C 4 H 6 M 0 L
1.91.2	6 Sep, 2023	0 C 4 H 6 M 0 L
1.91.1	4 Sep, 2023	0 C 4 H 6 M 0 L
1.91.0	30 Aug, 2023	0 C 4 H 6 M 0 L
1.91.0rc1	23 Aug, 2023	0 C 4 H 6 M 0 L
1.90.0	15 Aug, 2023	0 C 4 H 6 M 0 L
1.90.0rc1	8 Aug, 2023	0 C 4 H 6 M 0 L
1.89.0	1 Aug, 2023	0 C 4 H 6 M 0 L
1.89.0rc1	26 Jul, 2023	0 C 4 H 6 M 0 L
1.88.0	18 Jul, 2023	0 C 4 H 6 M 0 L
1.88.0rc1	11 Jul, 2023	0 C 4 H 6 M 0 L
1.87.0	4 Jul, 2023	0 C 4 H 6 M 0 L
1.87.0rc1	27 Jun, 2023	0 C 4 H 6 M 0 L
1.86.0	20 Jun, 2023	0 C 4 H 6 M 0 L
1.86.0rc2	14 Jun, 2023	0 C 4 H 6 M 0 L
1.85.2	8 Jun, 2023	0 C 4 H 6 M 0 L
1.85.1	7 Jun, 2023	0 C 4 H 6 M 0 L
1.85.0	6 Jun, 2023	0 C 4 H 6 M 0 L
1.85.0rc2	1 Jun, 2023	0 C 4 H 6 M 0 L
1.85.0rc1	30 May, 2023	0 C 4 H 6 M 0 L
1.84.1	26 May, 2023	0 C 4 H 7 M 1 L
1.84.0	23 May, 2023	0 C 4 H 7 M 1 L
1.84.0rc1	16 May, 2023	0 C 4 H 7 M 1 L
1.83.0	9 May, 2023	0 C 4 H 7 M 1 L
1.83.0rc1	3 May, 2023	0 C 4 H 7 M 1 L
1.82.0	25 Apr, 2023	0 C 4 H 7 M 1 L

See all versions