7 matches found
EUVD-2024-31382
Malicious code in bioql PyPI...
CVE-2024-33669
An issue was discovered in Passbolt Browser Extension before 4.6.2. It can send multiple requests to HaveIBeenPwned while a password is being typed, which results in an information leak. This allows an attacker capable of observing Passbolt's HTTPS queries to the Pwned Password API to more easily...
GHSA-XFQ4-78J7-V594 Passbolt Browser Extension leaks password information
An issue was discovered in Passbolt Browser Extension before 4.6.2. It can send multiple requests to HaveIBeenPwned while a password is being typed, which results in an information leak. This allows an attacker capable of observing Passbolt's HTTPS queries to the Pwned Password API to more easily...
Passbolt Browser Extension leaks password information
An issue was discovered in Passbolt Browser Extension before 4.6.2. It can send multiple requests to HaveIBeenPwned while a password is being typed, which results in an information leak. This allows an attacker capable of observing Passbolt's HTTPS queries to the Pwned Password API to more easily...
CVE-2024-33669
An issue was discovered in Passbolt Browser Extension before 4.6.2. It can send multiple requests to HaveIBeenPwned while a password is being typed, which results in an information leak. This allows an attacker capable of observing Passbolt's HTTPS queries to the Pwned Password API to more easily...
PT-2024-25426 · Passbolt · Passbolt Browser Extension
Name of the Vulnerable Software and Affected Versions: Passbolt Browser Extension versions prior to 4.6.2 Description: An issue in the Passbolt Browser Extension results in an information leak. As a user types a password, multiple requests are sent to HaveIBeenPwned, allowing an attacker who can...
CVE-2024-33669
An issue was discovered in Passbolt Browser Extension before 4.6.2. It can send multiple requests to HaveIBeenPwned while a password is being typed, which results in an information leak. This allows an attacker capable of observing Passbolt's HTTPS queries to the Pwned Password API to more easily...