First published: Thu Apr 15 2021(Updated: )
### Impact Missing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory leading to resource exhaustion. ### Patches Fixed by 3175fd3. ### For more information If you have any questions or comments about this advisory, email us at security@matrix.org.
Credit: security-advisories@github.com security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
Matrix Sydent | <2.3.0 | |
pip/matrix-sydent | <2.3.0 | 2.3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-29433.
The affected software is Matrix Sydent version 2.2.0 and prior.
The severity of CVE-2021-29433 is medium with a CVSS score of 4.3.
CVE-2021-29433 can cause excessive use of disk space and memory leading to resource exhaustion in Matrix Sydent.
Yes, a patch for CVE-2021-29433 is available.