FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2026-02-27 19:19:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
41711c0d-db27-11ef-873e-8447094a420f	Vaultwarden -- Multiple vulnerabilities The Vaultwarden project reports: RCE in the admin panel. Getting access to the Admin Panel via CSRF. Escalation of privilege via variable confusion in OrgHeaders trait. Discovery 2025-01-25 Entry 2025-01-25 vaultwarden < 1.33.0 CVE-2025-24364 https://github.com/dani-garcia/vaultwarden/security/advisories/GHSA-j4h8-vch3-f797 CVE-2025-24365 https://github.com/dani-garcia/vaultwarden/security/advisories/GHSA-h6cc-rc6q-23j4
4594110e-1151-11f1-b3f8-8447094a420f	Vaultwarden -- Multiple vulnerabilities The Vaultwarden project reports: GHSA-w9f8-m526-h7fh. This vulnerability would allow an attacker to access a cipher from a different user (fully encrypted) if they already know its internal UUID. GHSA-h4hq-rgvh-wh27. This vulnerability allows an attacker with manager-level access within an organization to modify collections they can access, even if they do not have management permissions for them. GHSA-r32r-j5jq-3w4m. This vulnerability allows an attacker with manager-level access within an organization to modify collections they are not assigned. Discovery 2026-02-23 Entry 2026-02-24 vaultwarden < 1.35.4 https://github.com/dani-garcia/vaultwarden/releases/tag/1.35.4

VuXML ID

Description

41711c0d-db27-11ef-873e-8447094a420f

Vaultwarden -- Multiple vulnerabilities

The Vaultwarden project reports:

RCE in the admin panel.

Getting access to the Admin Panel via CSRF.

Escalation of privilege via variable confusion in OrgHeaders trait.

Discovery 2025-01-25
Entry 2025-01-25
vaultwarden

< 1.33.0

CVE-2025-24364
https://github.com/dani-garcia/vaultwarden/security/advisories/GHSA-j4h8-vch3-f797
CVE-2025-24365
https://github.com/dani-garcia/vaultwarden/security/advisories/GHSA-h6cc-rc6q-23j4

4594110e-1151-11f1-b3f8-8447094a420f

Vaultwarden -- Multiple vulnerabilities

The Vaultwarden project reports:

GHSA-w9f8-m526-h7fh. This vulnerability would allow an attacker to access a cipher from a different user (fully encrypted) if they already know its internal UUID.

GHSA-h4hq-rgvh-wh27. This vulnerability allows an attacker with manager-level access within an organization to modify collections they can access, even if they do not have management permissions for them.

GHSA-r32r-j5jq-3w4m. This vulnerability allows an attacker with manager-level access within an organization to modify collections they are not assigned.

Discovery 2026-02-23
Entry 2026-02-24
vaultwarden

< 1.35.4

https://github.com/dani-garcia/vaultwarden/releases/tag/1.35.4