py-matrix-synapse -- several vulnerabilities
Matrix developers report:
This release patches two moderate severity issues which
could reveal metadata about private rooms:
- CVE-2021-39164: Enumerating a private room's list of
members and their display names.
- CVE-2021-39163: Disclosing a private room's name,
avatar, topic, and number of members.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright