usn-7444-1
Vulnerability from osv_ubuntu
Published
2025-04-22 17:24
Modified
2026-04-27 14:11
Summary
matrix-synapse vulnerabilities
Details

It was discovered that Synapse network policies could be bypassed via specially crafted URLs. An attacker could possibly use this issue to bypass authentication mechanisms. (CVE-2023-32683)

It was discovered that Synapse exposed cached device information. An attacker could possibly use this issue to gain access to sensitive information. (CVE-2023-43796)

It was discovered that Synapse could be tricked into rejecting state changes in rooms. An attacker could possibly use this issue to cause Synapse to stop functioning properly, resulting in a denial of service. This issue was only fixed in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-39374)

It was discovered that Synapse stored user credentials in a server's database temporarily. An attacker could possibly use this issue to gain access to sensitive information. This issue was only fixed in Ubuntu 22.04 LTS. (CVE-2023-41335)

It was discovered that Synapse could incorrectly respond to server authorization events. An attacker could possibly use this issue to bypass authentication mechanisms. This issue was only fixed in Ubuntu 22.04 LTS. (CVE-2022-39335)

It was discovered that Synapse could be manipulated to mark messages as read when they had not been viewed. An attacker could possibly use this issue to perform repudiation-based attacks. This issue was only fixed in Ubuntu 22.04 LTS. (CVE-2023-42453)

It was discovered that Synapse had several memory-related issues. An attacker could possibly use this issue to cause Synapse to crash, resulting in a denial of service. This issue was only fixed in Ubuntu 22.04 LTS. (CVE-2024-31208)

It was discovered that Synapse could run external tools due to a unchecked thumbnail rendering routine. An attacker could possibly use this issue to cause Synapse to crash, resulting in a denial of service, or execute arbitrary code. This issue was only fixed in Ubuntu 22.04 LTS. (CVE-2024-53863)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2023-32683",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-43796",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:18.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "matrix-synapse",
            "binary_version": "0.24.0+dfsg-1ubuntu0.1~esm4"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:18.04:LTS",
        "name": "matrix-synapse",
        "purl": "pkg:deb/ubuntu/matrix-synapse@0.24.0+dfsg-1ubuntu0.1~esm4?arch=source\u0026distro=esm-apps/bionic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.24.0+dfsg-1ubuntu0.1~esm4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.19.2+dfsg-6",
        "0.24.0+dfsg-1",
        "0.24.0+dfsg-1ubuntu0.1~esm1"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2022-39374",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-32683",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-43796",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "matrix-synapse",
            "binary_version": "1.11.0-1ubuntu0.1~esm2"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:20.04:LTS",
        "name": "matrix-synapse",
        "purl": "pkg:deb/ubuntu/matrix-synapse@1.11.0-1ubuntu0.1~esm2?arch=source\u0026distro=esm-apps/focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.11.0-1ubuntu0.1~esm2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.3.0-1",
        "1.4.0-1",
        "1.5.0-1",
        "1.5.1-1",
        "1.6.0-1",
        "1.6.1-1",
        "1.7.0-2",
        "1.7.1-1",
        "1.7.2-1",
        "1.7.3-1",
        "1.8.0-1",
        "1.9.0-1",
        "1.9.1-1",
        "1.10.0-1",
        "1.10.0-2",
        "1.11.0-1"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2022-39335",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2022-39374",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-32683",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-41335",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-42453",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2023-43796",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-31208",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2024-53863",
              "severity": [
                {
                  "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
                  "type": "CVSS_V4"
                },
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:Pro:22.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
        "binaries": [
          {
            "binary_name": "matrix-synapse",
            "binary_version": "1.53.0-1ubuntu0.1~esm2"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:22.04:LTS",
        "name": "matrix-synapse",
        "purl": "pkg:deb/ubuntu/matrix-synapse@1.53.0-1ubuntu0.1~esm2?arch=source\u0026distro=esm-apps/jammy"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.53.0-1ubuntu0.1~esm2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1.39.0-1",
        "1.47.0-2",
        "1.47.1-1",
        "1.48.0-1",
        "1.49.0-1",
        "1.49.2-1",
        "1.50.1-1",
        "1.50.2-1",
        "1.51.0-1",
        "1.52.0-1",
        "1.53.0-1"
      ]
    }
  ],
  "aliases": [],
  "details": "It was discovered that Synapse network policies could be bypassed via\nspecially crafted URLs. An attacker could possibly use this issue to\nbypass authentication mechanisms. (CVE-2023-32683)\n\nIt was discovered that Synapse exposed cached device information. An\nattacker could possibly use this issue to gain access to sensitive\ninformation. (CVE-2023-43796)\n\nIt was discovered that Synapse could be tricked into rejecting state\nchanges in rooms. An attacker could possibly use this issue to cause\nSynapse to stop functioning properly, resulting in a denial of service.\nThis issue was only fixed in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.\n(CVE-2022-39374)\n\nIt was discovered that Synapse stored user credentials in a server\u0027s\ndatabase temporarily. An attacker could possibly use this issue to\ngain access to sensitive information. This issue was only fixed in\nUbuntu 22.04 LTS. (CVE-2023-41335)\n\nIt was discovered that Synapse could incorrectly respond to server\nauthorization events. An attacker could possibly use this issue to\nbypass authentication mechanisms. This issue was only fixed in Ubuntu\n22.04 LTS. (CVE-2022-39335)\n\nIt was discovered that Synapse could be manipulated to mark messages\nas read when they had not been viewed. An attacker could possibly use\nthis issue to perform repudiation-based attacks. This issue was only\nfixed in Ubuntu 22.04 LTS. (CVE-2023-42453)\n\nIt was discovered that Synapse had several memory-related issues. An\nattacker could possibly use this issue to cause Synapse to crash,\nresulting in a denial of service. This issue was only fixed in Ubuntu\n22.04 LTS. (CVE-2024-31208)\n\nIt was discovered that Synapse could run external tools due to a\nunchecked thumbnail rendering routine. An attacker could possibly use\nthis issue to cause Synapse to crash, resulting in a denial of service,\nor execute arbitrary code. This issue was only fixed in Ubuntu\n22.04 LTS. (CVE-2024-53863)\n",
  "id": "USN-7444-1",
  "modified": "2026-04-27T14:11:41Z",
  "published": "2025-04-22T17:24:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-7444-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-39335"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2022-39374"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-32683"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-41335"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-42453"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2023-43796"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2024-31208"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2024-53863"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "matrix-synapse vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2022-39335",
    "UBUNTU-CVE-2022-39374",
    "UBUNTU-CVE-2023-32683",
    "UBUNTU-CVE-2023-41335",
    "UBUNTU-CVE-2023-42453",
    "UBUNTU-CVE-2023-43796",
    "UBUNTU-CVE-2024-31208",
    "UBUNTU-CVE-2024-53863"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…