Branch p10 update bulletin.

Package vaultwarden updated to version 1.32.5-alt1 for branch p10 in task 373068.

Published: 2025-01-10
Modified: 2025-01-10

CVE-2024-55225

An issue in the component src/api/identity.rs of Vaultwarden prior to v1.32.5 allows attackers to impersonate users, including Administrators, via a crafted authorization request.

References:

https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.4
https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.5
https://insinuator.net/2024/11/vulnerability-disclosure-authentication-bypass-in-vaultwarden-versions-1-32-5/

Version: 2.1.0

Branch p10 update on 2025-02-07

ALT-BU-2025-2503-1

ALT-PU-2025-2336-3

Closed vulnerabilities

CVE-2024-55225