EUVD-2022-42724

Malicious code in bioql PyPI...

EUVD-2022-42712

Malicious code in bioql PyPI...

CVE-2022-3321

It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in t...

CVE-2022-3322

Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action...

CVE-2022-3337

It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch feature being enabled on Zero Trust Platform. This led to...

CVE-2022-3337

It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch feature being enabled on Zero Trust Platform. This led to...

CVE-2022-3322

Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action...

CVE-2022-3321

It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in...

Design/Logic Flaw

Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint...

Design/Logic Flaw

Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action...

Information disclosure

It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch feature being enabled on Zero Trust Platform. This led to...

CVE-2022-3322

The CVE-2022-3322 issue concerns Cloudflare WARP on iOS where the Lock Warp switch can be bypassed due to insufficient policy verification in the WARP iOS client. A bypass via the"Disable WARP" quick action allows enrolled devices to disable the WARP client even when the Lock Warp feature is enab...

CVE-2022-3322 Lock WARP switch bypass on WARP mobile client using iOS quick action

Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action...

CVE-2022-3337 Lock WARP switch bypass by removing VPN profile on iOS mobile client

It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch feature being enabled on Zero Trust Platform. This led to...

CVE-2022-3337 Lock WARP switch bypass by removing VPN profile on iOS mobile client

It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch feature being enabled on Zero Trust Platform. This led to...

CVE-2022-3321 Lock WARP switch feature bypass on WARP mobile client for iOS

It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in...

CVE-2022-3321 Lock WARP switch feature bypass on WARP mobile client for iOS

It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/lock-warp-switch on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in...

CVE-2022-3512 Lock WARP switch bypass using warp-cli 'add-trusted-ssid' command

Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint...

CVE-2022-3512

CVE-2022-3512 affects Cloudflare WARP by allowing a user to disconnect the WARP client and bypass the Lock WARP switch using the warp-cli add-trusted-ssid command, enabling Zero Trust policies not to be enforced on the endpoint. The available sources consistently describe the bypass vector and it...

Cloudflare WARP 安全漏洞

Cloudflare WARP Cloudflare Vpn is a client application for secure connectivity from the American company Cloudflare. Cloudflare WARP suffers from a security vulnerability that stems from the ability for a user to remove a VPN profile from the WARP mobile client on the iOS platform, despite the Lo...