Bitwarden Ff

by



Bitwarden - Free & open source password manager for all of your devices Download.apk directly Description Bitwarden is the easiest and safest way to store all of your logins and passwords while conveniently keeping them synced between all of. It works once after restart and stops. For apps it works properly. I tested on Chrome, FF and Brave, using inline autofill and Accessibility is On. I also tested with Samsung keyboard and Swift key. Searching other topics, the problem is usually the battery saving. I have turned all battery saving features off already.

  1. Bitwarden Free
  2. Bitwarden Free Password Manager
  3. Bitwarden Fido

Current Description

Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8, and 169.254.0.0/16).


Analysis Description

Bitwarden Ff

Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8, and 169.254.0.0/16).

Severity

CVSS 3.x Severity and Metrics:

Bitwarden Free

NIST:NVD

Bitwarden Free Password Manager

Vector:NVD
Vector:HyperlinkResourcehttps://github.com/bitwarden/server/pull/827Third Party Advisory

Weakness Enumeration

Bitwarden Fido

CWE-IDCWE NameSource
CWE-918Server-Side Request Forgery (SSRF)NIST

Known Affected Software Configurations Switch to CPE 2.2

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

1 change records found show changes