Vulnerabilities (CVE)

Filtered by vendor Bitwarden Subscribe
Filtered by product Server
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-15879 1 Bitwarden 1 Server 2024-11-21 5.0 MEDIUM 7.5 HIGH
Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8, and 169.254.0.0/16).
CVE-2019-19766 1 Bitwarden 1 Server 2024-11-21 5.0 MEDIUM 7.5 HIGH
The Bitwarden server through 1.32.0 has a potentially unwanted KDF.