Sydent DoS (via resource exhaustion) due to improper input validation
Moderate severity
GitHub Reviewed
Published
Apr 15, 2021
in
matrix-org/sydent
•
Updated Sep 24, 2024
Description
Published by the National Vulnerability Database
Apr 15, 2021
Reviewed
Apr 15, 2021
Published to the GitHub Advisory Database
Apr 16, 2021
Last updated
Sep 24, 2024
Impact
Missing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory leading to resource exhaustion.
Patches
Fixed by 3175fd3.
For more information
If you have any questions or comments about this advisory, email us at security@matrix.org.
References