Опубликовано: 30 дек. 2024
Источник: github
Github: Прошло ревью
CVSS4: 5.3
CVSS3: 4.3
Описание
TeamPass does not properly check whether a folder is in a user's allowed folders list
TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin.
Пакеты
Наименование
nilsteampassnet/teampass
composer
Затронутые версииВерсия исправления
< 3.1.3.1
3.1.3.1
EPSS
Процентиль: 21%
0.00069
Низкий
5.3 Medium
CVSS4
4.3 Medium
CVSS3
CVE ID
Дефекты
CWE-266
CWE-285
Связанные уязвимости
CVSS3: 4.3
nvd
8 месяцев назад
TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin.
CVSS3: 4.3
debian
8 месяцев назад
TeamPass before 3.1.3.1, when retrieving information about access righ ...
EPSS
Процентиль: 21%
0.00069
Низкий
5.3 Medium
CVSS4
4.3 Medium
CVSS3
CVE ID
Дефекты
CWE-266
CWE-285