CVE-2023-32682

Risk Scores

Affected Products

Timeline

• May 19, 2023 Fix PR Merged
• May 23, 2023 Fix PR Merged
• Jun 6, 2023 CVE Published
• Jun 7, 2023 EPSS Score
• Jul 13, 2023 EPSS Score
• Aug 17, 2023 EPSS Score
• Sep 22, 2023 EPSS Score
• Oct 28, 2023 EPSS Score
• Dec 3, 2023 EPSS Score
• Jan 7, 2024 EPSS Score
• Feb 12, 2024 EPSS Score
• Apr 24, 2024 EPSS Score

References

• https://github.com/matrix-org/synapse/security/advisories/GHSA-26c5-ppr8-f33p url
• https://github.com/matrix-org/synapse/pull/15624 url
• https://github.com/matrix-org/synapse/pull/15634 url
• https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#create-or-modify-account url
• https://matrix-org.github.io/synapse/latest/jwt.html url
• https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#password_config url
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6DH5A5YEB5LRIPP32OUW25FCGZFCZU2/ url
• https://nvd.nist.gov/vuln/detail/CVE-2023-32682 advisory
• https://github.com/matrix-org/synapse/issues/12274 url
• https://github.com/matrix-org/synapse package
• https://github.com/matrix-org/synapse/releases/tag/v1.85.0 url
• https://github.com/pypa/advisory-database/tree/main/vulns/matrix-synapse/PYSEC-2023-84.yaml url
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6DH5A5YEB5LRIPP32OUW25FCGZFCZU2 url