Cryptomator
Monthly
Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.0, in non-debug mode Cryptomator might leak cleartext paths into the log file. This can reveal meta information about the files stored inside a vault at a time, where the actual vault is closed. Not every cleartext path is logged. Only if a filesystem request fails for some reason (e.g. damaged encrypted file,...
Cryptomator encrypts data being stored on cloud infrastructure. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
Cryptomator is data encryption software for users who store their files in the cloud. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Cryptomator encrypts data being stored on cloud infrastructure. Prior to version 1.19.0, in non-debug mode Cryptomator might leak cleartext paths into the log file. This can reveal meta information about the files stored inside a vault at a time, where the actual vault is closed. Not every cleartext path is logged. Only if a filesystem request fails for some reason (e.g. damaged encrypted file,...
Cryptomator encrypts data being stored on cloud infrastructure. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
Cryptomator is data encryption software for users who store their files in the cloud. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.
Cryptomator through 1.6.5 allows DYLIB injection because, although it has the flag 0x1000 for Hardened Runtime, it has the com.apple.security.cs.disable-library-validation and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.