Security Advisory

CVE-2024-52805

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-03 17:01:50

Last updated 2024-12-03 19:04:44

Assigner GitHub_M

State PUBLISHED

Description

Synapse is an open-source Matrix homeserver. In Synapse before 1.120.1, multipart/form-data requests can in certain configurations transiently increase memory consumption beyond expected levels while processing the request, which can be used to amplify denial of service attacks. Synapse 1.120.1 resolves the issue by denying requests with unsupported multipart/form-data content type.

← Browse all CVEs View on cve.org ↗