vulnerability
FreeBSD: VID-27aa2253-4c72-11ec-b6b9-e86a64caca56 (CVE-2021-41281): py-matrix-synapse -- several vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Nov 23, 2021 | Nov 4, 2022 | Dec 10, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Nov 23, 2021
Added
Nov 4, 2022
Modified
Dec 10, 2025
Description
Matrix developers report: This release patches one high severity issue affecting Synapse installations 1.47.0 and earlier using the media repository. An attacker could cause these Synapses to download a remote file and store it in a directory outside the media repository. Note that: This only affects homeservers using Synapse's built-in media repository, as opposed to synapse-s3-storage-provider or matrix-media-repo. Attackers cannot control the exact name or destination of the stored file.
Solutions
freebsd-upgrade-package-py36-matrix-synapsefreebsd-upgrade-package-py37-matrix-synapsefreebsd-upgrade-package-py38-matrix-synapsefreebsd-upgrade-package-py39-matrix-synapsefreebsd-upgrade-package-py310-matrix-synapse
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.