Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vaultwarden
(Dani\-Garcia)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-01-09 | CVE-2024-55226 | Vaultwarden v1.32.5 was discovered to contain an authenticated reflected cross-site scripting (XSS) vulnerability via the component /api/core/mod.rs. | Vaultwarden | N/A | ||
| 2025-01-09 | CVE-2024-55225 | An issue in the component src/api/identity.rs of Vaultwarden prior to v1.32.5 allows attackers to impersonate users, including Administrators, via a crafted authorization request. | Vaultwarden | N/A | ||
| 2025-01-09 | CVE-2024-55224 | An HTML injection vulnerability in Vaultwarden prior to v1.32.5 allows attackers to execute arbitrary code via injecting a crafted payload into the username field of an e-mail message. | Vaultwarden | N/A |