Vulnerabilities > Obsidian > Obsidian > 0.12.18
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-19 | CVE-2023-2110 | Path Traversal vulnerability in Obsidian Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via "app://local/<absolute-path>". | 7.1 |
2023-05-20 | CVE-2023-33244 | Unspecified vulnerability in Obsidian Obsidian before 1.2.2 allows calls to unintended APIs (for microphone access, camera access, and desktop notification) via an embedded web page. | 8.2 |