Filtered by vendor Matrix
Subscribe
Total
82 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5885 | 2 Fedoraproject, Matrix | 2 Fedora, Synapse | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users. | |||||
| CVE-2019-11842 | 1 Matrix | 2 Sydent, Synapse | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. Random number generation is mishandled, which makes it easier for attackers to predict a Sydent authentication token or a Synapse random ID. | |||||
| CVE-2019-11340 | 1 Matrix | 1 Sydent | 2026-06-17 | 4.3 MEDIUM | 5.9 MEDIUM |
| util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowed_local_3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on user@bad.example.net@good.example.com returns the user@bad.example.net substring. | |||||
| CVE-2018-16515 | 2 Debian, Matrix | 2 Debian Linux, Synapse | 2026-06-17 | 6.5 MEDIUM | 8.8 HIGH |
| Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation. | |||||
| CVE-2018-12423 | 1 Matrix | 1 Synapse | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force. | |||||
| CVE-2018-12291 | 1 Matrix | 1 Synapse | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| The on_get_missing_events function in handlers/federation.py in Matrix Synapse before 0.31.1 has a security bug in the get_missing_events federation API where event visibility rules were not applied correctly. | |||||
| CVE-2018-10657 | 1 Matrix | 1 Synapse | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federation_base.py and handlers/message.py, as exploited in the wild in April 2018. | |||||
| CVE-2004-2089 | 1 Matrix | 1 Matrix Ftp Server | 2026-06-16 | 5.0 MEDIUM | N/A |
| Matrix FTP Server allows remote attackers to cause a denial of service (crash) by logging in using four spaces as the username and password and then issuing a LIST command. | |||||
| CVE-2025-66622 | 1 Matrix | 1 Matrix-rust-sdk | 2026-03-17 | N/A | 7.5 HIGH |
| matrix-sdk-base is the base component to build a Matrix client library. Versions 0.14.1 and prior are unable to handle responses that include custom m.room.join_rules values due to a serialization bug. This can be exploited to cause a denial-of-service condition, if a user is invited to a room with non-standard join rules, the crate's sync process will stall, preventing further processing for all rooms. This is fixed in version 0.16.0. | |||||
| CVE-2025-30355 | 1 Matrix | 1 Synapse | 2025-08-26 | N/A | 7.1 HIGH |
| Synapse is an open source Matrix homeserver implementation. A malicious server can craft events which, when received, prevent Synapse version up to 1.127.0 from federating with other servers. The vulnerability has been exploited in the wild and has been fixed in Synapse v1.127.1. No known workarounds are available. | |||||
| CVE-2024-31208 | 2 Fedoraproject, Matrix | 2 Fedora, Synapse | 2025-08-26 | N/A | 6.5 MEDIUM |
| Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate excessive data in the database of such instances, resulting in a denial of service. Servers in private federations, or those that do not federate, are not affected. Server administrators should upgrade to 1.105.1 or later. Some workarounds are available. One can ban the malicious users or ACL block servers from the rooms and/or leave the room and purge the room using the admin API. | |||||
| CVE-2024-37302 | 1 Matrix | 1 Synapse | 2025-08-26 | N/A | 7.5 HIGH |
| Synapse is an open-source Matrix homeserver. Synapse versions before 1.106 are vulnerable to a disk fill attack, where an unauthenticated adversary can induce Synapse to download and cache large amounts of remote media. The default rate limit strategy is insufficient to mitigate this. This can lead to a denial of service, ranging from further media uploads/downloads failing to completely unavailability of the Synapse process, depending on how Synapse was deployed. Synapse 1.106 introduces a new "leaky bucket" rate limit on remote media downloads to reduce the amount of data a user can request at a time. This does not fully address the issue, but does limit an unauthenticated user's ability to request large amounts of data to be cached. | |||||
| CVE-2024-37303 | 1 Matrix | 1 Synapse | 2025-08-26 | N/A | 5.3 MEDIUM |
| Synapse is an open-source Matrix homeserver. Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the local homeserver in an unauthenticated way. The implication is that unauthenticated remote adversaries can use this functionality to plant problematic content into the media repository. Synapse 1.106 introduces a partial mitigation in the form of new endpoints which require authentication for media downloads. The unauthenticated endpoints will be frozen in a future release, closing the attack vector. | |||||
| CVE-2024-52805 | 1 Matrix | 1 Synapse | 2025-08-26 | N/A | 7.5 HIGH |
| Synapse is an open-source Matrix homeserver. In Synapse before 1.120.1, multipart/form-data requests can in certain configurations transiently increase memory consumption beyond expected levels while processing the request, which can be used to amplify denial of service attacks. Synapse 1.120.1 resolves the issue by denying requests with unsupported multipart/form-data content type. | |||||
| CVE-2024-52815 | 1 Matrix | 1 Synapse | 2025-08-26 | N/A | 5.3 MEDIUM |
| Synapse is an open-source Matrix homeserver. Synapse versions before 1.120.1 fail to properly validate invites received over federation. This vulnerability allows a malicious server to send a specially crafted invite that disrupts the invited user's /sync functionality. Synapse 1.120.1 rejects such invalid invites received over federation and restores the ability to sync for affected users. | |||||
| CVE-2024-53863 | 1 Matrix | 1 Synapse | 2025-08-26 | N/A | 9.1 CRITICAL |
| Synapse is an open-source Matrix homeserver. In Synapse versions before 1.120.1, enabling the dynamic_thumbnails option or processing a specially crafted request could trigger the decoding and thumbnail generation of uncommon image formats, potentially invoking external tools like Ghostscript for processing. This significantly expands the attack surface in a historically vulnerable area, presenting a risk that far outweighs the benefit, particularly since these formats are rarely used on the open web or within the Matrix ecosystem. Synapse 1.120.1 addresses the issue by restricting thumbnail generation to images in the following widely used formats: PNG, JPEG, GIF, and WebP. This vulnerability is fixed in 1.120.1. | |||||
| CVE-2024-45191 | 1 Matrix | 1 Olm | 2025-06-17 | N/A | 5.3 MEDIUM |
| An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2024-45192 | 1 Matrix | 1 Olm | 2025-06-17 | N/A | 5.3 MEDIUM |
| An issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use of base64 when decoding group session keys. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2024-45193 | 1 Matrix | 1 Olm | 2025-06-17 | N/A | 4.3 MEDIUM |
| An issue was discovered in Matrix libolm through 3.2.16. There is Ed25519 signature malleability due to lack of validation criteria (does not ensure that S < n). This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2025-27146 | 1 Matrix | 1 Matrix Irc Bridge | 2025-03-04 | N/A | 2.7 LOW |
| matrix-appservice-irc is a Node.js IRC bridge for Matrix. The matrix-appservice-irc bridge up to version 3.0.3 contains a vulnerability which can lead to arbitrary IRC command execution as the puppeted user. The attacker can only inject commands executed as their own IRC user. The vulnerability has been patched in matrix-appservice-irc version 3.0.4. | |||||