{"id":"CVE-2021-29433","details":"Sydent is a reference Matrix identity server. In Sydent versions 2.2.0 and prior, sissing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory leading to resource exhaustion. A patch for the vulnerability is in version 2.3.0. No workarounds are known to exist.","aliases":["GHSA-pw4v-gr34-2553","PYSEC-2021-24"],"modified":"2026-03-14T14:57:17.181427Z","published":"2021-04-15T18:15:12.497Z","related":["GHSA-pw4v-gr34-2553"],"references":[{"type":"FIX","url":"https://github.com/matrix-org/sydent/commit/3175fd358ebc2c310eab7a3dbf296ce2bd54c1da"},{"type":"FIX","url":"https://github.com/matrix-org/sydent/security/advisories/GHSA-pw4v-gr34-2553"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/matrix-org/sydent","events":[{"introduced":"0"},{"fixed":"c2ab10897500dbba1c0d4be33f42985d81bbad7d"},{"fixed":"3175fd358ebc2c310eab7a3dbf296ce2bd54c1da"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.3.0"}]}}],"versions":["fosdem_2021-01-15","v1.0.0","v1.0.1","v1.0.2","v1.0.3","v2.0.0","v2.0.1","v2.1.0","v2.2.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-29433.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}]}