In Synapse before version 1.28.0 Synapse is missing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory leading to resource exhaustion. Upstream reference: https://github.com/matrix-org/synapse/security/advisories/GHSA-w9fg-xffh-p362
Created matrix-synapse tracking bugs for this issue: Affects: fedora-all [bug 1958801]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.