Vulnerabilities > Home Assistant
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-10 | CVE-2020-36517 | Information Exposure Through Discrepancy vulnerability in Home-Assistant 2022.03 An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised 2022.03 allows a DNS operator to gain knowledge about internal network resources via the hardcoded DNS resolver configuration. | 5.0 |
2021-01-26 | CVE-2021-3152 | Path Traversal vulnerability in Home-Assistant Home Assistant before 2021.1.3 does not have a protection layer that can help to prevent directory-traversal attacks against custom integrations. | 5.3 |
2019-09-23 | CVE-2018-21019 | Information Exposure vulnerability in Home-Assistant Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py. | 5.0 |
2017-11-10 | CVE-2017-16782 | Cross-site Scripting vulnerability in Home-Assistant In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS. | 4.3 |