nilsteampassnet/teampass vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the nilsteampassnet/teampass package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Improper Authorization	<3.1.3.1
M Improper Authorization	<3.1.3.1
C Authorization Bypass Through User-Controlled Key	<3.1.3.1
M Cross-site Scripting (XSS)	<3.0.10
M Information Exposure	<3.0.10
H Improper Input Validation	<3.0.10
H Remote Code Execution (RCE)	>=0.0.0, <3.0.10
H Cross-site Scripting (XSS)	>=0.0.0, <3.0.10
M Cross-site Scripting (XSS)	<3.0.9
L Cross-site Scripting (XSS)	<3.0.9
M Access Restriction Bypass	<3.0.9
H Cross-site Scripting (XSS)	<3.0.9
C Cross-site Scripting (XSS)	>=0.0.0, <3.0.10
M Cross-site Scripting (XSS)	<3.0.9
M Cross-site Scripting (XSS)	<3.0.9
H Cross-site Scripting (XSS)	<3.0.9
M Cross-site Scripting (XSS)	<3.0.7
M Cross-site Scripting (XSS)	<3.0.7
M Cross-site Scripting (XSS)	>=0.0.0, <3.0.10
H SQL Injection	>=0.0.0, <3.0.10
H SQL Injection	>=0.0.0, <3.0.10
M Improper Authorization	>=0.0.0, <3.0.10
H External Control of File Name or Path	>=0.0.0, <3.0.10
M Cross-site Scripting (XSS)	<3.0.0.10
C SQL Injection	<2.1.27.4
C Information Exposure	<2.1.27.0
M Access Restriction Bypass	>=0.0.0
H Unauthorized File Access	>=0.0.0, <3.0.10
M Access Restriction Bypass	>=0.0.0, <2.1.27
H Local File Inclusion	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0, <3.0.10
C Cross-site Scripting (XSS)	<2.1.27.36
M Cross-site Scripting (XSS)	<2.1.27.9
M Cross-site Scripting (XSS)	<2.1.27.9
M Access Restriction Bypass	<2.1.27.9
H Access Restriction Bypass	<2.1.27.9
H Arbitrary File Upload	<2.1.27.9
M Access Restriction Bypass	<2.1.27.9

Vulnerability

Vulnerable Version

<3.1.3.1

<3.1.3.1

<3.1.3.1

<3.0.10

<3.0.10