Sydent DoS (via resource exhaustion) due to improper input validation

GHSA-pw4v-gr34-2553 · CVE-2021-29433 · PYSEC-2021-24

Published Apr 16, 2021 · Modified Mar 13, 2026

Description

Impact

Missing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory leading to resource exhaustion.

Patches

Fixed by 3175fd3.

For more information

If you have any questions or comments about this advisory, email us at security@matrix.org.

References

WEB https://github.com/matrix-org/sydent/security/advisories/GHSA-pw4v-gr34-2553
ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-29433
WEB https://github.com/matrix-org/sydent/commit/3175fd358ebc2c310eab7a3dbf296ce2bd54c1da
PACKAGE https://github.com/matrix-org/sydent
WEB https://github.com/pypa/advisory-database/tree/main/vulns/matrix-sydent/PYSEC-2021-24.yaml
WEB https://pypi.org/project/matrix-sydent

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes