CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dani-Garcia: >> Vaultwarden >> 1.15.0 Security Vulnerabilities

CVE-2024-55224

An HTML injection vulnerability in Vaultwarden prior to v1.32.5 allows attackers to execute arbitrary code via injecting a crafted payload into the username field of an e-mail message.

CVSS Score

9.6

EPSS Score

0.002

Published

2025-01-09

CVE-2024-55225

An issue in the component src/api/identity.rs of Vaultwarden prior to v1.32.5 allows attackers to impersonate users, including Administrators, via a crafted authorization request.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-01-09

Page 1

Vulnerabilities

Vulnerable Software

Dani-Garcia: >> Vaultwarden >> 1.15.0 Security Vulnerabilities

Products

Pricing

Contact Us