FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Vaultwarden -- Multiple vulnerabilities

Affected packages
vaultwarden < 1.33.0

Details

VuXML ID 41711c0d-db27-11ef-873e-8447094a420f
Discovery 2025-01-25
Entry 2025-01-25

The Vaultwarden project reports:

RCE in the admin panel.

Getting access to the Admin Panel via CSRF.

Escalation of privilege via variable confusion in OrgHeaders trait.

[source]

References

CVE Name CVE-2025-24364
CVE Name CVE-2025-24365
URL https://github.com/dani-garcia/vaultwarden/security/advisories/GHSA-h6cc-rc6q-23j4
URL https://github.com/dani-garcia/vaultwarden/security/advisories/GHSA-j4h8-vch3-f797

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.