4 matches found
EUVD-2023-3237
Malicious code in bioql PyPI...
Cross site request forgery (csrf)
Home Assistant is open source home automation software. Prior to version 2023.12.3, the login page discloses all active user accounts to any unauthenticated browsing request originating on the Local Area Network. Version 2023.12.3 contains a patch for this issue. When starting the Home Assistant...
CVE-2023-50715 User accounts disclosed to unauthenticated actors on the LAN
Home Assistant is open source home automation software. Prior to version 2023.12.3, the login page discloses all active user accounts to any unauthenticated browsing request originating on the Local Area Network. Version 2023.12.3 contains a patch for this issue. When starting the Home Assistant...
Home Assistant Information Disclosure Vulnerability
Home Assistant is an open source home automation management system from Home Assistant Open Source. The system is primarily used to control home automation devices. An information disclosure vulnerability exists in Home Assistant versions prior to 2023.12.3, which stems from an information...