Sneako

**Name of the Vulnerable Software and Affected Versions** Bitwarden server versions prior to 1.32.0 **Description** The issue concerns a potentially unwanted Key Derivation Function (KDF) in the Bitwarden server. **Recommendations** For versions prior to 1.32.0, update to version 1.32.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Libcloud versions 0.12.3 through 0.13.2 **Description** The issue allows local users to obtain sensitive information by leveraging a new VM, due to the `scrub data` parameter not being set for the destroy DigitalOcean API. **Recommendations** For Libcloud versions 0.12.3 through 0.13.2, as a temporary workaround, consider setting the `scrub data` parameter manually when using the destroy DigitalOcean API until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.