pass

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Stores, retrieves, generates, and synchronizes passwords securely
Version 1.7.4-1 [community]

Open

Group Affected Fixed Severity Status Ticket
AVG-1342 1.7.4-1 Medium Vulnerable
Issue Group Severity Remote Type Description
CVE-2020-28086 AVG-1342 Medium Yes Insufficient validation
pass has a possibility of using a password for an unintended resource. For exploitation to occur, the user must do a git pull, decrypt a password, and log...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-720 1.7.1-1 1.7.2-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2018-12356 AVG-720 High Yes Arbitrary code execution
An issue was discovered in password-store.sh in pass in Simple Password Store 1.7 through 1.7.1. The signature verification routine parses the output of...

Advisories

Date Advisory Group Severity Type
19 Jun 2018 ASA-201806-11 AVG-720 High arbitrary code execution