vulnerability
FreeBSD: VID-cfa0be42-3cd7-11eb-9de7-641c67a117d8 (CVE-2020-26257): py-matrix-synapse -- DoS on Federation API
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:N/A:P) | Dec 13, 2020 | Dec 13, 2020 | Dec 10, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:P)
Published
Dec 13, 2020
Added
Dec 13, 2020
Modified
Dec 10, 2025
Description
Matrix developers reports: A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id in the path of a /send_join, /send_leave, /invite or /exchange_third_party_invite request. This can lead to a denial of service in which future events will not be correctly sent to other servers over federation. This affects any server which accepts federation requests from untrusted servers.
Solutions
freebsd-upgrade-package-py36-matrix-synapsefreebsd-upgrade-package-py37-matrix-synapsefreebsd-upgrade-package-py38-matrix-synapsefreebsd-upgrade-package-py39-matrix-synapse
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.