DescriptionThe on_get_missing_events function in handlers/federation.py in Matrix Synapse before 0.31.1 has a security bug in the get_missing_events federation API where event visibility rules were not applied correctly.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
- openSUSE-SU-2018:1767-1, published Wed, 20 Jun 2018 21:10:38 +0200 (CEST)
List of released packages
|Product(s)||Fixed package version(s)||References|
|openSUSE Leap 15.0|| ||Patchnames: