Vulnerabilities > Bitwarden > Server > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-21 | CVE-2020-15879 | Server-Side Request Forgery (SSRF) vulnerability in Bitwarden Server 1.35.1 Bitwarden Server 1.35.1 allows SSRF because it does not consider certain IPv6 addresses (ones beginning with fc, fd, fe, or ff, and the :: address) and certain IPv4 addresses (0.0.0.0/8, 127.0.0.0/8, and 169.254.0.0/16). | 7.5 |
| 2019-12-12 | CVE-2019-19766 | Use of Password Hash With Insufficient Computational Effort vulnerability in Bitwarden Server The Bitwarden server through 1.32.0 has a potentially unwanted KDF. | 7.5 |