4 matches found
EUVD-2019-0059
Malware in sbrugna...
EUVD-2023-0093
Malicious code in bioql PyPI...
CVE-2023-41893
Home assistant is an open source home automation. The audit team’s analyses confirmed that the redirecturi and clientid are alterable when logging in. Consequently, the code parameter utilized to fetch the accesstoken post-authentication will be sent to the URL specified in the aforementioned...
Man-in-the-middle(MitM) Attack
homeassistant is vulnerable to Man-in-the-middleMitM Attack. The vulnerability is due to missing SSL certificate verification and improper migration of the verifyssl parameter to the ssl parameter in aiohttp, which unintentionally disabled SSL verification, allows an attacker to intercept and...