Vulnerability-Lookup

CVE-2021-21392 (GCVE-0-2021-21392)

Vulnerability from cvelistv5 – Published: 2021-04-12 21:50 – Updated: 2024-08-03 18:09

Title

Open redirect via transitional IPv6 addresses on dual-stack networks

Summary

Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds.

Severity ?

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

CWE

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Assigner

GitHub_M

References

URL

Tags

	https://pypi.org/project/matrix-synapse/	x_refsource_MISC
	https://github.com/matrix-org/synapse/security/ad…	x_refsource_CONFIRM
	https://github.com/matrix-org/synapse/pull/9240	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Impacted products

	Vendor	Product	Version
	matrix-org	synapse	Affected: < 1.28.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:09:15.930Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://pypi.org/project/matrix-synapse/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/matrix-org/synapse/pull/9240"
          },
          {
            "name": "FEDORA-2021-a627cfd31e",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "synapse",
          "vendor": "matrix-org",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.28.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-08-02T02:06:34.000Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://pypi.org/project/matrix-synapse/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/matrix-org/synapse/pull/9240"
        },
        {
          "name": "FEDORA-2021-a627cfd31e",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
        }
      ],
      "source": {
        "advisory": "GHSA-5wrh-4jwv-5w78",
        "discovery": "UNKNOWN"
      },
      "title": "Open redirect via transitional IPv6 addresses on dual-stack networks",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-21392",
          "STATE": "PUBLIC",
          "TITLE": "Open redirect via transitional IPv6 addresses on dual-stack networks"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "synapse",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "\u003c 1.28.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "matrix-org"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://pypi.org/project/matrix-synapse/",
              "refsource": "MISC",
              "url": "https://pypi.org/project/matrix-synapse/"
            },
            {
              "name": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78",
              "refsource": "CONFIRM",
              "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"
            },
            {
              "name": "https://github.com/matrix-org/synapse/pull/9240",
              "refsource": "MISC",
              "url": "https://github.com/matrix-org/synapse/pull/9240"
            },
            {
              "name": "FEDORA-2021-a627cfd31e",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
            }
          ]
        },
        "source": {
          "advisory": "GHSA-5wrh-4jwv-5w78",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2021-21392",
    "datePublished": "2021-04-12T21:50:14.000Z",
    "dateReserved": "2020-12-22T00:00:00.000Z",
    "dateUpdated": "2024-08-03T18:09:15.930Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

PYSEC-2021-25

Vulnerability from pysec - Published: 2021-04-12 22:15 - Updated: 2021-04-26 18:40

Details

Impacted products

Name	purl
matrix-synapse	pkg:pypi/matrix-synapse

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "matrix-synapse",
        "purl": "pkg:pypi/matrix-synapse"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.28.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.33.5",
        "0.33.5.1",
        "0.33.6rc1",
        "0.33.6",
        "0.33.7rc1",
        "0.33.7rc2",
        "0.33.7",
        "0.33.8rc2",
        "0.33.8",
        "0.33.9",
        "0.34.0rc1",
        "0.34.0rc2",
        "0.34.0",
        "0.34.0.1",
        "0.34.1.1",
        "0.99.0rc1",
        "0.99.0rc2",
        "0.99.0rc3",
        "0.99.0rc4",
        "0.99.0",
        "0.99.1rc1",
        "0.99.1rc2",
        "0.99.1",
        "0.99.1.1",
        "0.99.2rc1",
        "0.99.2",
        "0.99.3rc1",
        "0.99.3",
        "0.99.3.1",
        "0.99.3.2",
        "0.99.4rc1",
        "0.99.4",
        "0.99.5rc1",
        "0.99.5",
        "0.99.5.1",
        "0.99.5.2",
        "1.0.0rc1",
        "1.0.0rc2",
        "1.0.0rc3",
        "1.0.0",
        "1.1.0rc1",
        "1.1.0rc2",
        "1.1.0",
        "1.2.0rc1",
        "1.2.0rc2",
        "1.2.0",
        "1.2.1",
        "1.3.0rc1",
        "1.3.0",
        "1.3.1",
        "1.4.0rc1",
        "1.4.0rc2",
        "1.4.0",
        "1.4.1rc1",
        "1.4.1",
        "1.5.0rc1",
        "1.5.0rc2",
        "1.5.0",
        "1.5.1",
        "1.6.0rc1",
        "1.6.0rc2",
        "1.6.0",
        "1.6.1",
        "1.7.0rc1",
        "1.7.0rc2",
        "1.7.0",
        "1.7.1",
        "1.7.2",
        "1.7.3",
        "1.8.0rc1",
        "1.8.0",
        "1.9.0.dev1",
        "1.9.0.dev2",
        "1.9.0rc1",
        "1.9.0",
        "1.9.1",
        "1.10.0rc1",
        "1.10.0rc2",
        "1.10.0rc3",
        "1.10.0rc5",
        "1.10.0",
        "1.10.1",
        "1.11.0rc1",
        "1.11.0",
        "1.11.1",
        "1.12.0rc1",
        "1.12.0",
        "1.12.1rc1",
        "1.12.1",
        "1.12.2",
        "1.12.3",
        "1.12.4rc1",
        "1.12.4",
        "1.13.0rc1",
        "1.13.0rc2",
        "1.13.0rc3",
        "1.13.0",
        "1.14.0rc1",
        "1.14.0rc2",
        "1.14.0",
        "1.15.0rc1",
        "1.15.0",
        "1.15.1",
        "1.15.2",
        "1.16.0rc1",
        "1.16.0rc2",
        "1.16.0",
        "1.16.1",
        "1.17.0rc1",
        "1.17.0",
        "1.18.0rc1",
        "1.18.0rc2",
        "1.18.0",
        "1.19.0rc1",
        "1.19.0",
        "1.19.1rc1",
        "1.19.1",
        "1.19.2",
        "1.19.3",
        "1.20.0rc1",
        "1.20.0rc2",
        "1.20.0rc3",
        "1.20.0rc4",
        "1.20.0rc5",
        "1.20.0",
        "1.20.1",
        "1.21.0rc1",
        "1.21.0rc2",
        "1.21.0rc3",
        "1.21.0",
        "1.21.1",
        "1.21.2",
        "1.22.0rc1",
        "1.22.0rc2",
        "1.22.0",
        "1.22.1",
        "1.23.0rc1",
        "1.23.0",
        "1.23.1",
        "1.24.0rc1",
        "1.24.0rc2",
        "1.24.0",
        "1.25.0rc1",
        "1.25.0",
        "1.26.0rc1",
        "1.26.0rc2",
        "1.26.0",
        "1.27.0rc1",
        "1.27.0rc2",
        "1.27.0",
        "1.28.0rc1"
      ]
    }
  ],
  "aliases": [
    "CVE-2021-21392",
    "GHSA-5wrh-4jwv-5w78"
  ],
  "details": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds.",
  "id": "PYSEC-2021-25",
  "modified": "2021-04-26T18:40:00Z",
  "published": "2021-04-12T22:15:00Z",
  "references": [
    {
      "type": "PACKAGE",
      "url": "https://pypi.org/project/matrix-synapse/"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"
    },
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/synapse/pull/9240"
    }
  ]
}

GSD-2021-21392

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-21392

Aliases

CVE-2021-21392

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-21392",
    "description": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds.",
    "id": "GSD-2021-21392",
    "references": [
      "https://www.suse.com/security/cve/CVE-2021-21392.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-21392"
      ],
      "details": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds.",
      "id": "GSD-2021-21392",
      "modified": "2023-12-13T01:23:10.726436Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2021-21392",
        "STATE": "PUBLIC",
        "TITLE": "Open redirect via transitional IPv6 addresses on dual-stack networks"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "synapse",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "\u003c 1.28.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "matrix-org"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://pypi.org/project/matrix-synapse/",
            "refsource": "MISC",
            "url": "https://pypi.org/project/matrix-synapse/"
          },
          {
            "name": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78",
            "refsource": "CONFIRM",
            "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"
          },
          {
            "name": "https://github.com/matrix-org/synapse/pull/9240",
            "refsource": "MISC",
            "url": "https://github.com/matrix-org/synapse/pull/9240"
          },
          {
            "name": "FEDORA-2021-a627cfd31e",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-5wrh-4jwv-5w78",
        "discovery": "UNKNOWN"
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c1.28.0",
          "affected_versions": "All versions before 1.28.0",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-601",
            "CWE-937"
          ],
          "date": "2021-11-23",
          "description": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds.",
          "fixed_versions": [
            "1.28.0"
          ],
          "identifier": "CVE-2021-21392",
          "identifiers": [
            "CVE-2021-21392",
            "GHSA-5wrh-4jwv-5w78"
          ],
          "not_impacted": "All versions starting from 1.28.0",
          "package_slug": "pypi/matrix-synapse",
          "pubdate": "2021-04-12",
          "solution": "Upgrade to version 1.28.0 or above.",
          "title": "URL Redirection to Untrusted Site (Open Redirect)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2021-21392"
          ],
          "uuid": "b0a0b330-b796-4295-99ce-2309057c0f7c"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.28.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2021-21392"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-601"
                },
                {
                  "lang": "en",
                  "value": "CWE-601"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://pypi.org/project/matrix-synapse/",
              "refsource": "MISC",
              "tags": [
                "Product",
                "Third Party Advisory"
              ],
              "url": "https://pypi.org/project/matrix-synapse/"
            },
            {
              "name": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"
            },
            {
              "name": "https://github.com/matrix-org/synapse/pull/9240",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/matrix-org/synapse/pull/9240"
            },
            {
              "name": "FEDORA-2021-a627cfd31e",
              "refsource": "FEDORA",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 4.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.1,
          "impactScore": 4.2
        }
      },
      "lastModifiedDate": "2021-11-23T22:36Z",
      "publishedDate": "2021-04-12T22:15Z"
    }
  }
}

FKIE_CVE-2021-21392

Vulnerability from fkie_nvd - Published: 2021-04-12 22:15 - Updated: 2024-11-21 05:48

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/matrix-org/synapse/pull/9240	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78	Patch, Third Party Advisory
security-advisories@github.com	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/
security-advisories@github.com	https://pypi.org/project/matrix-synapse/	Product, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/matrix-org/synapse/pull/9240	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/
af854a3a-2127-422b-91ae-364da2661108	https://pypi.org/project/matrix-synapse/	Product, Third Party Advisory

Impacted products

	Vendor	Product	Version
	matrix	synapse	*
	fedoraproject	fedora	34

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23F4FE7B-D273-4A8C-8B2C-102FD4E1B1EE",
              "versionEndExcluding": "1.28.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
              "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.28.0 requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks. See referenced GitHub security advisory for details and workarounds."
    },
    {
      "lang": "es",
      "value": "Synapse es un servidor dom\u00e9stico de referencia de Matrix escrito en python (paquete pypi matrix-synapse).\u0026#xa0;Matrix es un ecosistema para VoIP y mensajer\u00eda instant\u00e1nea federada abierta.\u0026#xa0;En Synapse, versiones anteriores a 1.28.0, las peticiones a los dominios proporcionados por el usuario no estaban restringidas a direcciones IP externas cuando se usaban direcciones IPv6 de transici\u00f3n.\u0026#xa0;Las peticiones salientes a la federaci\u00f3n, los servidores de identidad, al calcular la validez de la clave para eventos de invitaci\u00f3n de terceros, el env\u00edo de notificaciones push y la generaci\u00f3n de vistas previas de URL est\u00e1n afectadas.\u0026#xa0;Esto podr\u00eda causar que Synapse realice peticiones a la infraestructura interna en redes de doble pila.\u0026#xa0;Consulte el aviso de seguridad de GitHub al que se hace referencia para obtener detalles y soluciones"
    }
  ],
  "id": "CVE-2021-21392",
  "lastModified": "2024-11-21T05:48:15.877",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 4.2,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-04-12T22:15:13.147",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/matrix-org/synapse/pull/9240"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"
    },
    {
      "source": "security-advisories@github.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Product",
        "Third Party Advisory"
      ],
      "url": "https://pypi.org/project/matrix-synapse/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/matrix-org/synapse/pull/9240"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product",
        "Third Party Advisory"
      ],
      "url": "https://pypi.org/project/matrix-synapse/"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-5WRH-4JWV-5W78

Vulnerability from github – Published: 2021-04-13 15:13 – Updated: 2024-09-30 20:28

Summary

Open redirect via transitional IPv6 addresses on dual-stack networks

Details

Impact

Requests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks.

Patches

This issue is fixed by #9240.

Workarounds

Outbound requests to the following address ranges can be blocked by a firewall, if unused for internal communication between systems:

::ffff/80
::0000/80 (note that this IP range is considered deprecated by the IETF)
2002::/16 (note that this IP range is considered deprecated by the IETF)

References

Severity ?

6.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N

7.1 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "matrix-synapse"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.28.0rc1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-21392"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-601"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-04-12T21:51:49Z",
    "nvd_published_at": "2021-04-12T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "### Impact\nRequests to user provided domains were not restricted to external IP addresses when transitional IPv6 addresses were used. Outbound requests to federation, identity servers, when calculating the key validity for third-party invite events, sending push notifications, and generating URL previews are affected. This could cause Synapse to make requests to internal infrastructure on dual-stack networks.\n\n### Patches\nThis issue is fixed by #9240.\n\n### Workarounds\nOutbound requests to the following address ranges can be blocked by a firewall, if unused for internal communication between systems:\n\n* `::ffff/80`\n* `::0000/80` (note that this IP range is considered deprecated by the IETF)\n* `2002::/16` (note that this IP range is considered deprecated by the IETF)\n\n### References\n* [RFC3056](https://tools.ietf.org/html/rfc3056)\n* [RFC4291](https://tools.ietf.org/html/rfc4291)",
  "id": "GHSA-5wrh-4jwv-5w78",
  "modified": "2024-09-30T20:28:18Z",
  "published": "2021-04-13T15:13:08Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21392"
    },
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/synapse/pull/9240"
    },
    {
      "type": "WEB",
      "url": "https://github.com/matrix-org/synapse/commit/4ca054a4eaa714d0befb4fc30b19a1131e52c9cc"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/matrix-org/synapse"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/matrix-synapse/PYSEC-2021-25.yaml"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY"
    },
    {
      "type": "WEB",
      "url": "https://pypi.org/project/matrix-synapse"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Open redirect via transitional IPv6 addresses on dual-stack networks"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-21392 (GCVE-0-2021-21392)

PYSEC-2021-25

GSD-2021-21392

FKIE_CVE-2021-21392

GHSA-5WRH-4JWV-5W78

Impact

Patches

Workarounds

References

Tags

Sightings

Nomenclature