VYPR

Packagist (Composer) package

nilsteampassnet/teampass

pkg:composer/nilsteampassnet/teampass

Vulnerabilities (42)

  • CVE-2024-50703Dec 30, 2024
    affected < 3.1.3.1fixed 3.1.3.1

    TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id.

  • CVE-2024-50702Dec 30, 2024
    affected < 3.1.3.1fixed 3.1.3.1

    TeamPass before 3.1.3.1 does not properly check whether a mail_me (aka action_mail) operation is on behalf of an administrator or manager.

  • CVE-2024-50701Dec 30, 2024
    affected < 3.1.3.1fixed 3.1.3.1

    TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin.

  • CVE-2023-3565Jul 8, 2023
    affected < 3.0.10fixed 3.0.10

    Cross-site Scripting (XSS) - Generic in GitHub repository nilsteampassnet/teampass prior to 3.0.10.

  • CVE-2023-3553Jul 8, 2023
    affected < 3.0.10fixed 3.0.10

    Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository nilsteampassnet/teampass prior to 3.0.10.

  • CVE-2023-3552Jul 8, 2023
    affected < 3.0.10fixed 3.0.10

    Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.10.

  • CVE-2023-3551Jul 8, 2023
    affected < 3.0.10fixed 3.0.10

    Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.10.

  • CVE-2023-3531Jul 6, 2023
    affected < 3.0.10fixed 3.0.10

    Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.10.

  • CVE-2023-3191Jun 10, 2023
    affected < 3.0.9fixed 3.0.9

    Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

  • CVE-2023-3190Jun 10, 2023
    affected < 3.0.9fixed 3.0.9

    Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

  • CVE-2023-3095Jun 4, 2023
    affected < 3.0.9fixed 3.0.9

    Improper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

  • CVE-2023-3086Jun 3, 2023
    affected < 3.0.9fixed 3.0.9

    Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

  • CVE-2023-3084Jun 3, 2023
    affected < 3.0.9fixed 3.0.9

    Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

  • CVE-2023-3083Jun 3, 2023
    affected < 3.0.9fixed 3.0.9

    Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

  • CVE-2023-3009May 31, 2023
    affected < 3.0.9fixed 3.0.9

    Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

  • CVE-2023-2859May 24, 2023
    affected < 3.0.9fixed 3.0.9

    Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.9.

  • CVE-2023-2591May 9, 2023
    affected < 3.0.7fixed 3.0.7

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitHub repository nilsteampassnet/teampass prior to 3.0.7.

  • CVE-2023-2516May 5, 2023
    affected < 3.0.7fixed 3.0.7

    Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.

  • CVE-2023-2021Apr 13, 2023
    affected < 3.0.3fixed 3.0.3

    Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3.

  • CVE-2023-1545Mar 21, 2023
    affected < 3.0.0.22fixed 3.0.0.22

    SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.

Page 1 of 3