CVE-2024-53867
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Dec 3, 2024
CWE ID 497
Summary
CVE-2024-53867 is a vulnerability affecting Synapse, an open-source Matrix homeserver. When versions 1.113.0rc1 to 1.120.0 are in use, the Sliding Sync feature allows partial room state changes to be leaked to users who have left the room. It's important to note that non-state events such as messages remain unaffected. This issue has been addressed in Synapse version 1.120.1.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share