Lucene search

K

Cryptomator Security Vulnerabilities

cve
cve

CVE-2022-25366

Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and com.apple.security.cs.allow-dyld-environment-variables entitlements. An attacker can exploit this by creating a malicious.....

7.8CVSS

7.7AI Score

0.0004EPSS

2022-02-19 03:15 AM
676
cve
cve

CVE-2023-39520

Cryptomator encrypts data being stored on cloud infrastructure. The MSI installer provided on the homepage for Cryptomator version 1.9.2 allows local privilege escalation for low privileged users, via the repair function. The problem occurs as the repair function of the MSI is spawning an SYSTEM...

7.8CVSS

7.6AI Score

0.0004EPSS

2023-08-07 08:15 PM
63
cve
cve

CVE-2023-37907

Cryptomator is data encryption software for users who store their files in the cloud. Prior to version 1.9.2, the MSI installer provided on the homepage allows local privilege escalation (LPE) for low privileged users, if already installed. The problem occurs as the repair function of the MSI...

7.8CVSS

7.5AI Score

0.0004EPSS

2023-07-25 09:15 PM
33