CVE-2021-39164
Reported by GitHub_M · Published August 31, 2021
Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership (list of members, with their display names) of a room if they know the ID of the room. The vulnerability is limited to rooms with `shared` history visibility. Furthermore, the unauthorised user must be using an account on a vulnerable homeserver that is in the room. Server administrators should upgrade to 1.41.1 or later in order to receive the patch. One workaround is available. Administrators of servers that use a reverse proxy could, with potentially unacceptable loss of functionality, block the endpoints: `/_matrix/client/r0/rooms/{room_id}/members` with `at` query parameter, and `/_matrix/client/unstable/rooms/{room_id}/members` with `at` query parameter.
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| matrix-org | synapse | < 1.41.1 |
| matrix-org | synapse | < 1.41.1 |
| alpine | synapse | 0, 0, 0 |
Timeline
- Aug 31, 2021 CVE Published
- Sep 1, 2021 EPSS Score
- Oct 29, 2021 EPSS Score
- Dec 26, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 22, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 21, 2022 EPSS Score
- Jun 18, 2022 EPSS Score
- Oct 13, 2022 EPSS Score
- Dec 10, 2022 EPSS Score
- Feb 6, 2023 EPSS Score
References
- x_refsource_MISC
- x_refsource_MISC
- x_refsource_CONFIRM
- FEDORA-2021-2e8ed15b14 vendor-advisoryx_refsource_FEDORA
- FEDORA-2021-f12fdca1bf vendor-advisoryx_refsource_FEDORA