vulnerability
FreeBSD: VID-E9B8E519-0D50-11F0-86D8-901B0E934D69 (CVE-2025-30355): py-matrix-synapse -- federation denial of service via malformed events
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:S/C:N/I:P/A:C) | 2025-03-26 | 2025-04-15 | 2025-04-23 |
Severity
8
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:C)
Published
2025-03-26
Added
2025-04-15
Modified
2025-04-23
Description
Synapse is an open source Matrix homeserver implementation. A malicious server can craft events which, when received, prevent Synapse version up to 1.127.0 from federating with other servers. The vulnerability has been exploited in the wild and has been fixed in Synapse v1.127.1. No known workarounds are available.
Solution(s)
freebsd-upgrade-package-py310-matrix-synapsefreebsd-upgrade-package-py311-matrix-synapsefreebsd-upgrade-package-py38-matrix-synapsefreebsd-upgrade-package-py39-matrix-synapse
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.