6 matches found
CVE-2023-41646
Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/...
@buttercup/diag (>=0.1.0 <=0.2.0), bcup-cli (>=1.0.0 <=1.2.0) +2 more potentially affected by CVE-2023-41646 via buttercup (>=3.0.0 <=6.17.2)
buttercup NPM version =3.0.0, =0.1.0, =1.0.0, =1.0.1, =0.2.3, =0.2.4 Source cves: CVE-2023-41646 Source advisory: OSV:GHSA-7CWQ-P8CR-H9QG...
CVE-2023-41646
Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/...
CVE-2023-41646
Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/...
CVE-2023-41646
Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/...
CVE-2023-41646
Buttercup v2.20.3 is vulnerable: an attacker can obtain the master password hash by reading the vaults.json file. Root cause cited: exposure of vaults.json without proper protection. Impact per sources: potential leakage of master password hash (CVSS 3.1 base score 5.3, Confidentiality impact Low...