Vulnerabilities > Home Assistant > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-19 | CVE-2023-41898 | Code Injection vulnerability in Home-Assistant Home Assistant Companion Home assistant is an open source home automation. | 7.8 |
| 2023-10-19 | CVE-2023-41899 | Server-Side Request Forgery (SSRF) vulnerability in Home-Assistant Home assistant is an open source home automation. | 7.2 |
| 2023-10-19 | CVE-2023-44385 | Cross-Site Request Forgery (CSRF) vulnerability in Home-Assistant Home Assistant Companion The Home Assistant Companion for iOS and macOS app up to version 2023.4 are vulnerable to Client-Side Request Forgery. | 8.8 |
| 2022-03-10 | CVE-2020-36517 | Information Exposure Through Discrepancy vulnerability in Home-Assistant 2022.03 An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised 2022.03 allows a DNS operator to gain knowledge about internal network resources via the hardcoded DNS resolver configuration. | 7.5 |
| 2019-09-23 | CVE-2018-21019 | Information Exposure vulnerability in Home-Assistant Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py. | 7.5 |