Sliding Sync Vulnerability in Synapse Matrix Homeserver by Element
CVE-2024-53867
Currently unrated
What is CVE-2024-53867?
The Sliding Sync feature in Synapse, a prominent open-source Matrix homeserver developed by Element, is prone to an information disclosure vulnerability. This flaw allows for the leaking of partial room state changes to users who are no longer participants in a room. It is important to note that non-state events, such as messages, remain unaffected by this issue. The vulnerability impacts several versions of Synapse, specifically between 1.113.0rc1 and 1.120.0. Users are advised to upgrade to version 1.120.1 or higher, where the issue has been effectively mitigated.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.