homeassistant@2023.10.0b2 vulnerabilities
Open-source home automation platform running on Python 3.
-
latest version
2024.11.3
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
7 days ago
-
licenses detected
- [0.37.0,)
Direct Vulnerabilities
Known vulnerabilities in the homeassistant package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
Affected versions of this package are vulnerable to Information Exposure due to an issue with the login page, which discloses all active user accounts to any unauthenticated browsing request originating on the Local Area Network. This could potentially allow an unauthorized actor to gain knowledge of all user accounts on the system. Notes: This applies to the local subnet where Home Assistant resides and to any private subnet that can reach it. How to fix Information Exposure? Upgrade |
[,2023.12.3)
|