CVE-2023-42453: matrix-synapse vulnerable to improper validation of receipts allows forged read receipts
(updated )
Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but simply mark it as read. This could be confusing as clients will show the event as read by the user, even if they are not in the room.
References
- github.com/advisories/GHSA-7565-cq32-vx2x
- github.com/matrix-org/synapse
- github.com/matrix-org/synapse/commit/63d28a88c1d18c64ea7e23b6dd7483e6d5dcf881
- github.com/matrix-org/synapse/pull/16327
- github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x
- github.com/pypa/advisory-database/tree/main/vulns/matrix-synapse/PYSEC-2023-180.yaml
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2AFB2Y3S2VCPCN5P2XCZTG24MBMZ7DM4
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65QPC55I4D27HIZP7H2NQ34EOXHPP4AO
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6P4QULVUE254WI7XF2LWWOGHCYVFXFY
- nvd.nist.gov/vuln/detail/CVE-2023-42453
- security.gentoo.org/glsa/202401-12
Code Behaviors & Features
Detect and mitigate CVE-2023-42453 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →