CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40735 – Butterfly Button Project - Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2023-40735
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BUTTERFLY BUTTON PROJECT - BUTTERFLY BUTTON (Architecture flaw) allows loss of plausible deniability and confidentiality. This issue affects BUTTERFLY BUTTON: As of 2023-08-21. • https://butterfly-button.web.app https://github.com/TheButterflyButton https://github.com/TheButterflySDK https://github.com/VULSecLabs/Vulnerabilities/blob/main/CVE/CVE-2023-40735.md https://www.butterfly-button.com https://www.vulsec.org/advisories • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2023-24499 – Butterfly Button plugin may leave traces of its use on user's device
https://notcve.org/view.php?id=CVE-2023-24499
Butterfly Button plugin may leave traces of its use on user's device. Since it is used for reporting domestic problems, this may lead to spouse knowing about its use. • https://www.gov.il/en/Departments/faq/cve_advisories •