LastPass
by LastPass
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-16371 | Hig | 0.53 | 8.2 | 0.01 | Sep 16, 2019 | LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because do_popupregister can be bypassed via clickjacking. | ||
| CVE-2013-5113 | Med | 0.44 | 6.8 | 0.01 | Jan 31, 2020 | LastPass prior to 2.5.1 has an insecure PIN implementation. | ||
| CVE-2013-5114 | Med | 0.40 | 6.1 | 0.01 | Jan 31, 2020 | LastPass prior to 2.5.1 allows secure wipe bypass. |
- risk 0.53cvss 8.2epss 0.01
LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted web site that captures the credentials for a victim's account on a previously visited web site, because do_popupregister can be bypassed via clickjacking.
- risk 0.44cvss 6.8epss 0.01
LastPass prior to 2.5.1 has an insecure PIN implementation.
- risk 0.40cvss 6.1epss 0.01
LastPass prior to 2.5.1 allows secure wipe bypass.