Security Advisory

CVE-2025-24365

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-27 17:49:57
Last updated 2025-02-12 20:41:36
Assigner GitHub_M
State PUBLISHED

Description

vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Attacker can obtain owner rights of other organization. Hacker should know the ID of victim organization (in real case the user can be a part of the organization as an unprivileged user) and be the owner/admin of other organization (by default you can create your own organization) in order to attack. This vulnerability is fixed in 1.33.0.