Vulnerabilities > Backblaze

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-23	CVE-2022-23651	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Backblaze B2 Python Software Development KIT b2-sdk-python is a python library to access cloud storage provided by backblaze. local high complexity backblaze CWE-367	4.7
2022-02-23	CVE-2022-23653	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Backblaze B2 Command Line Tool B2 Command Line Tool is the official command line tool for the backblaze cloud storage service. local high complexity backblaze CWE-367	4.7
2020-12-27	CVE-2020-8290	Improper Privilege Management vulnerability in Backblaze Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer from improper privilege management in `bztransmit` helper due to lack of permission handling and validation before creation of client update directories allowing for local escalation of privilege via rogue client update binary. local low complexity backblaze CWE-269	7.8
2020-12-27	CVE-2020-8289	Improper Certificate Validation vulnerability in Backblaze 7.0.0.439 Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where validation is disabled leading to possible remote code execution via client update functionality. local low complexity backblaze CWE-295	7.8

Vulnerabilities > Backblaze {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Backblaze"}]}