Search CVE reports
1 – 4 of 4 results
pass through 1.7.3 has a possibility of using a password for an unintended resource. For exploitation to occur, the user must do a git pull, decrypt a password, and log into a remote service with the password. If an...
1 affected package
password-store
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| password-store | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, which allows remote attackers...
1 affected package
password-store
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| password-store | Not affected | Not affected | Not affected | Vulnerable |
Some fixes available 4 of 8
diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter.
1 affected package
sword
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| sword | — | — | — | — |
diatheke.pl in Sword 1.5.7a allows remote attackers to execute arbitrary commands via shell metacharacters in a URL.
1 affected package
sword
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| sword | — | — | — | — |