{"url":"http://public2.vulnerablecode.io/api/packages/381462?format=json","purl":"pkg:composer/nilsteampassnet/teampass@3.0.10","type":"composer","namespace":"nilsteampassnet","name":"teampass","version":"3.0.10","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"3.1.3+1","latest_non_vulnerable_version":"3.1.3+1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56806?format=json","vulnerability_id":"VCID-1dkf-xbbk-d7ej","summary":"TeamPass before 3.1.3.1, when retrieving information about access rights for a folder, does not properly check whether a folder is in a user's allowed folders list that has been defined by an admin.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50701","reference_id":"","reference_type":"","scores":[{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31692","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50701"},{"reference_url":"https://github.com/nilsteampassnet/TeamPass","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nilsteampassnet/TeamPass"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50701","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50701"},{"reference_url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1","reference_id":"3.1.2...3.1.3.1","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-30T16:58:12Z/"}],"url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1"},{"reference_url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1","reference_id":"3.1.3...3.1.3.1","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-30T16:58:12Z/"}],"url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1"},{"reference_url":"https://github.com/nilsteampassnet/TeamPass/commit/ddbb2d3d94085dced50c4936fd2215af88e4a88d","reference_id":"ddbb2d3d94085dced50c4936fd2215af88e4a88d","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-30T16:58:12Z/"}],"url":"https://github.com/nilsteampassnet/TeamPass/commit/ddbb2d3d94085dced50c4936fd2215af88e4a88d"},{"reference_url":"https://github.com/advisories/GHSA-2697-96mv-3gfm","reference_id":"GHSA-2697-96mv-3gfm","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-2697-96mv-3gfm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372476?format=json","purl":"pkg:composer/nilsteampassnet/teampass@3.1.3%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.1.3%252B1"}],"aliases":["CVE-2024-50701","GHSA-2697-96mv-3gfm"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1dkf-xbbk-d7ej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56942?format=json","vulnerability_id":"VCID-gapw-p82p-5ffg","summary":"TeamPass before 3.1.3.1 does not properly prevent a user from acting with the privileges of a different user_id.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50703","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34431","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50703"},{"reference_url":"https://github.com/nilsteampassnet/TeamPass","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nilsteampassnet/TeamPass"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50703","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50703"},{"reference_url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1","reference_id":"3.1.2...3.1.3.1","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-30T16:41:26Z/"}],"url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1"},{"reference_url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1","reference_id":"3.1.3...3.1.3.1","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-30T16:41:26Z/"}],"url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1"},{"reference_url":"https://github.com/nilsteampassnet/TeamPass/commit/c7f7f809071eaa9e04505ee79cec7049a42959e9","reference_id":"c7f7f809071eaa9e04505ee79cec7049a42959e9","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-30T16:41:26Z/"}],"url":"https://github.com/nilsteampassnet/TeamPass/commit/c7f7f809071eaa9e04505ee79cec7049a42959e9"},{"reference_url":"https://github.com/advisories/GHSA-9wmc-988h-2mv2","reference_id":"GHSA-9wmc-988h-2mv2","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-9wmc-988h-2mv2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372476?format=json","purl":"pkg:composer/nilsteampassnet/teampass@3.1.3%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.1.3%252B1"}],"aliases":["CVE-2024-50703","GHSA-9wmc-988h-2mv2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gapw-p82p-5ffg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56586?format=json","vulnerability_id":"VCID-hsc2-ujdn-akd9","summary":"TeamPass before 3.1.3.1 does not properly check whether a mail_me (aka action_mail) operation is on behalf of an administrator or manager.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50702","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.28999","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50702"},{"reference_url":"https://github.com/nilsteampassnet/TeamPass","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nilsteampassnet/TeamPass"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50702","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50702"},{"reference_url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1","reference_id":"3.1.2...3.1.3.1","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-30T16:53:10Z/"}],"url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.2...3.1.3.1"},{"reference_url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1","reference_id":"3.1.3...3.1.3.1","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-30T16:53:10Z/"}],"url":"https://github.com/nilsteampassnet/TeamPass/compare/3.1.3...3.1.3.1"},{"reference_url":"https://github.com/nilsteampassnet/TeamPass/commit/35e2b479f2379545b4132bc30a9d052ba7018bf9","reference_id":"35e2b479f2379545b4132bc30a9d052ba7018bf9","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-30T16:53:10Z/"}],"url":"https://github.com/nilsteampassnet/TeamPass/commit/35e2b479f2379545b4132bc30a9d052ba7018bf9"},{"reference_url":"https://github.com/advisories/GHSA-7rm3-4w6j-8xx4","reference_id":"GHSA-7rm3-4w6j-8xx4","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-7rm3-4w6j-8xx4"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/372476?format=json","purl":"pkg:composer/nilsteampassnet/teampass@3.1.3%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.1.3%252B1"}],"aliases":["CVE-2024-50702","GHSA-7rm3-4w6j-8xx4"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hsc2-ujdn-akd9"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/151541?format=json","vulnerability_id":"VCID-9b52-k67m-7fb9","summary":"Cross-site Scripting (XSS) - Generic in GitHub repository nilsteampassnet/teampass prior to 3.0.10.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3565","reference_id":"","reference_type":"","scores":[{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30355","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3565"},{"reference_url":"https://github.com/nilsteampassnet/teampass","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nilsteampassnet/teampass"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3565","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3565"},{"reference_url":"https://github.com/nilsteampassnet/teampass/commit/820bb49a362a566c9038e4a3048b26d654babb0e","reference_id":"820bb49a362a566c9038e4a3048b26d654babb0e","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-30T14:13:05Z/"}],"url":"https://github.com/nilsteampassnet/teampass/commit/820bb49a362a566c9038e4a3048b26d654babb0e"},{"reference_url":"https://huntr.dev/bounties/fcf46e1f-2ab6-4057-9d25-cf493ab09530","reference_id":"fcf46e1f-2ab6-4057-9d25-cf493ab09530","reference_type":"","scores":[{"value":"5.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N"},{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-30T14:13:05Z/"}],"url":"https://huntr.dev/bounties/fcf46e1f-2ab6-4057-9d25-cf493ab09530"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/381462?format=json","purl":"pkg:composer/nilsteampassnet/teampass@3.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1dkf-xbbk-d7ej"},{"vulnerability":"VCID-gapw-p82p-5ffg"},{"vulnerability":"VCID-hsc2-ujdn-akd9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.0.10"}],"aliases":["CVE-2023-3565","GHSA-524r-w8fx-hqg3"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9b52-k67m-7fb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/151522?format=json","vulnerability_id":"VCID-a7h6-fstf-kqee","summary":"Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository nilsteampassnet/teampass prior to 3.0.10.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3553","reference_id":"","reference_type":"","scores":[{"value":"0.00592","scoring_system":"epss","scoring_elements":"0.69708","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3553"},{"reference_url":"https://github.com/nilsteampassnet/teampass","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nilsteampassnet/teampass"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3553","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3553"},{"reference_url":"https://huntr.dev/bounties/857f002a-2794-4807-aa5d-2f340de01870","reference_id":"857f002a-2794-4807-aa5d-2f340de01870","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T14:42:24Z/"}],"url":"https://huntr.dev/bounties/857f002a-2794-4807-aa5d-2f340de01870"},{"reference_url":"https://github.com/nilsteampassnet/teampass/commit/e9f90b746fdde135da3c7fbe4fa22fe2bd32e66b","reference_id":"e9f90b746fdde135da3c7fbe4fa22fe2bd32e66b","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-30T14:42:24Z/"}],"url":"https://github.com/nilsteampassnet/teampass/commit/e9f90b746fdde135da3c7fbe4fa22fe2bd32e66b"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/381462?format=json","purl":"pkg:composer/nilsteampassnet/teampass@3.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1dkf-xbbk-d7ej"},{"vulnerability":"VCID-gapw-p82p-5ffg"},{"vulnerability":"VCID-hsc2-ujdn-akd9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.0.10"}],"aliases":["CVE-2023-3553","GHSA-2rhg-hqq9-8xjh"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a7h6-fstf-kqee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/151407?format=json","vulnerability_id":"VCID-fq8k-9rzx-d3h9","summary":"Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.10.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3531","reference_id":"","reference_type":"","scores":[{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31691","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3531"},{"reference_url":"https://github.com/nilsteampassnet/teampass","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nilsteampassnet/teampass"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3531","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3531"},{"reference_url":"https://huntr.dev/bounties/c9f0b3ff-bbc4-4ea1-a59e-8594b48bb414","reference_id":"c9f0b3ff-bbc4-4ea1-a59e-8594b48bb414","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-07T18:23:06Z/"}],"url":"https://huntr.dev/bounties/c9f0b3ff-bbc4-4ea1-a59e-8594b48bb414"},{"reference_url":"https://github.com/nilsteampassnet/teampass/commit/cb8ea5ccca61653895bb6881547e463baa50293d","reference_id":"cb8ea5ccca61653895bb6881547e463baa50293d","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-11-07T18:23:06Z/"}],"url":"https://github.com/nilsteampassnet/teampass/commit/cb8ea5ccca61653895bb6881547e463baa50293d"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/381462?format=json","purl":"pkg:composer/nilsteampassnet/teampass@3.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1dkf-xbbk-d7ej"},{"vulnerability":"VCID-gapw-p82p-5ffg"},{"vulnerability":"VCID-hsc2-ujdn-akd9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.0.10"}],"aliases":["CVE-2023-3531","GHSA-pwrw-g29q-3mp8"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fq8k-9rzx-d3h9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/151313?format=json","vulnerability_id":"VCID-ttgj-91qs-1kb1","summary":"Improper Encoding or Escaping of Output in GitHub repository nilsteampassnet/teampass prior to 3.0.10.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3552","reference_id":"","reference_type":"","scores":[{"value":"0.00322","scoring_system":"epss","scoring_elements":"0.5561","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3552"},{"reference_url":"https://github.com/nilsteampassnet/teampass","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nilsteampassnet/teampass"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3552","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3552"},{"reference_url":"https://github.com/nilsteampassnet/teampass/commit/8acb4dacc2d008a4186a4e13cc143e978f113955","reference_id":"8acb4dacc2d008a4186a4e13cc143e978f113955","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"},{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-30T14:45:38Z/"}],"url":"https://github.com/nilsteampassnet/teampass/commit/8acb4dacc2d008a4186a4e13cc143e978f113955"},{"reference_url":"https://huntr.dev/bounties/aeb2f43f-0602-4ac6-9685-273e87ff4ded","reference_id":"aeb2f43f-0602-4ac6-9685-273e87ff4ded","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"},{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-30T14:45:38Z/"}],"url":"https://huntr.dev/bounties/aeb2f43f-0602-4ac6-9685-273e87ff4ded"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/381462?format=json","purl":"pkg:composer/nilsteampassnet/teampass@3.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1dkf-xbbk-d7ej"},{"vulnerability":"VCID-gapw-p82p-5ffg"},{"vulnerability":"VCID-hsc2-ujdn-akd9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.0.10"}],"aliases":["CVE-2023-3552","GHSA-2cv5-qvq3-6276"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ttgj-91qs-1kb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/151539?format=json","vulnerability_id":"VCID-vsm8-3aay-zugs","summary":"Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.10.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3551","reference_id":"","reference_type":"","scores":[{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43864","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3551"},{"reference_url":"https://github.com/nilsteampassnet/teampass","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/nilsteampassnet/teampass"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3551","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3551"},{"reference_url":"https://github.com/nilsteampassnet/teampass/commit/cc6abc76aa46ed4a27736c1d2f21e432a5d54e6f","reference_id":"cc6abc76aa46ed4a27736c1d2f21e432a5d54e6f","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-30T14:45:50Z/"}],"url":"https://github.com/nilsteampassnet/teampass/commit/cc6abc76aa46ed4a27736c1d2f21e432a5d54e6f"},{"reference_url":"https://huntr.dev/bounties/cf8878ff-6cd9-49be-b313-7ac2a94fc7f7","reference_id":"cf8878ff-6cd9-49be-b313-7ac2a94fc7f7","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-30T14:45:50Z/"}],"url":"https://huntr.dev/bounties/cf8878ff-6cd9-49be-b313-7ac2a94fc7f7"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/381462?format=json","purl":"pkg:composer/nilsteampassnet/teampass@3.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1dkf-xbbk-d7ej"},{"vulnerability":"VCID-gapw-p82p-5ffg"},{"vulnerability":"VCID-hsc2-ujdn-akd9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.0.10"}],"aliases":["CVE-2023-3551","GHSA-97hm-2mfr-2p97"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vsm8-3aay-zugs"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/nilsteampassnet/teampass@3.0.10"}