VYPR

npm package

passbolt-browser-extension

pkg:npm/passbolt-browser-extension

Vulnerabilities (1)

  • CVE-2024-33669MedApr 26, 2024
    affected < 4.6.2fixed 4.6.2

    An issue was discovered in Passbolt Browser Extension before 4.6.2. It can send multiple requests to HaveIBeenPwned while a password is being typed, which results in an information leak. This allows an attacker capable of observing Passbolt's HTTPS queries to the Pwned Password A