3 matches found
CVE-2026-33472
Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority that allows an attacker to bypass the security fix for CVE-2026-32303. The method hardcodes the URI scheme based on port number, causin...
CVE-2026-33472
CVE-2026-33472 affects Cryptomator 1.19.1, where a logic flaw in CheckHostTrustController.getAuthority() causes HTTPS URLs on port 80 to yield the same authority as HTTP, bypassing the intended consistency check and HTTP block validation. This enables a network-positioned attacker, who has write ...
Cryptomator 安全漏洞
Cryptomator is a simple digital self-defense tool within the Cryptomator community. Version 1.19.1 of Cryptomator contains a security vulnerability. This vulnerability stems from a logical flaw in the CheckHostTrustController.getAuthority method, which may allow bypassing security fixes and...