CVE-2024-55225 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An issue in the component src/api/identity.rs of Vaultwarden prior to v1.32.5 allows attackers to impersonate users, including Administrators, via a crafted aut…
Critical CVSS: 9.8

CVE-2024-55225

An issue in the component src/api/identity.rs of Vaultwarden prior to v1.32.5 allows attackers to impersonate users, including Administrators, via a crafted authorization request.
Vendor
Dani-garcia
Product
Vaultwarden
CWE
CWE-276
Yayın Tarihi
2025-01-09 21:15:29
Güncelleme
2025-06-20 18:29:52
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-276 Vaultwarden CRITICAL Dani-garcia 2025

Referanslar

https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.4 https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.5 https://insinuator.net/2024/11/vulnerability-disclosure-authentication-bypass-in-vaultwarden-versions-1-32-5/