matrix-synapse is vulnerable to authorization bypass. Requests to user-provided domains were not restricted to external IP addresses when calculating the key validity for third-party invite events and when sending push notifications, potentially causing Synapse to make requests to internal infrastructure.
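The missing restriction described above amounts to checking every address a user-provided domain resolves to before connecting. The sketch below is an added example, not Synapse's own code: the deny list, the function names and the sample DNS table are constructed for illustration, and rejecting a host when any of its addresses is internal is a policy choice of this example.

```python
import ipaddress

# Constructed deny list for this example (loopback, RFC 1918, link-local,
# CGNAT, IPv6 loopback/link-local/unique-local); not Synapse's defaults.
DENIED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12",
    "192.168.0.0/16", "169.254.0.0/16", "100.64.0.0/10",
    "::1/128", "fe80::/10", "fc00::/7",
)]

class BlockedDestination(Exception):
    """Raised when a destination must not be contacted."""

def is_denied(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    # An IPv4-mapped IPv6 address (::ffff:10.0.0.5) reaches the IPv4 host,
    # so unwrap it before matching against the IPv4 ranges.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip in net for net in DENIED_NETWORKS)

def vet_destination(host: str, resolve) -> list:
    """Return the addresses the caller may connect to for `host`.

    `resolve` is a hypothetical hook mapping a hostname to a list of address
    strings; it is injected so the check runs on resolved addresses, not on
    the hostname text. The caller must connect to a returned address rather
    than resolving the name a second time.
    """
    try:
        # IP literals (including bracketed IPv6) skip DNS but not the check.
        candidates = [str(ipaddress.ip_address(host.strip("[]")))]
    except ValueError:
        candidates = resolve(host) or []
    if not candidates or any(is_denied(a) for a in candidates):
        raise BlockedDestination(host)
    return candidates

# Constructed sample resolution results (documentation and private ranges).
SAMPLE_DNS = {
    "push.example.org": ["203.0.113.10"],
    "keys.internal.example": ["10.0.0.5"],
    "mixed.example.net": ["203.0.113.11", "::ffff:127.0.0.1"],
}
```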
github.com/advisories/GHSA-v936-j8gp-9q3p
github.com/matrix-org/synapse/commit/30fba6210834a4ecd91badf0c8f3eb278b72e746
github.com/matrix-org/synapse/pull/8821
github.com/matrix-org/synapse/releases/tag/v1.25.0
github.com/matrix-org/synapse/security/advisories/GHSA-v936-j8gp-9q3p
lists.fedoraproject.org/archives/list/[email protected]/message/TNNAJOZNMVMXM6AS7RFFKB4QLUJ4IFEY/
security-tracker.debian.org/tracker/CVE-2021-21273