There have been multiple accounts created with the sole purpose of posting advertisement posts or replies containing unsolicited advertising.

Accounts which solely post advertisements, or persistently post them may be terminated.

"PSA: Update Vaultwarden as soon as possible"

See this post from another website for more context

A new version (1.32.0) of Vaultwarden is out with security fixes:

This release has several CVE Reports fixed and we recommend everybody to update to the latest version as soon as possible.

CVE-2024-39924 Fixed via

CVE-2024-39925 Fixed via

CVE-2024-39926 Fixed via

Release page

anzo ,

Not to flame on anyone, and without reading the details on the specific CVE. But, to share as an advice: this reason is why I prefer keepass + syncthing for my needs. Security for a full blown web app is not trivial and has a bigger “attack surface” than a kdbx file moving p2p through my devices via syncthing.

sudneo ,

Thanks for the head’s up!

slym ,
@slym@lemmy.ca avatar

Thanks

N1ghtstalk3r ,
@N1ghtstalk3r@lemmy.world avatar

Thanks for the post OP, updating my VaultWarden docker instance ASAP.

JASN_DE ,

Docker image is already updated.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • random
  • lifeLocal
  • goranko
  • All magazines
    •