CVE-2023-51446

Опубликовано: 01 фев. 2024

Источник: debian

EPSS Низкий

Описание

GLPI is a Free Asset and IT Management Software package. When authentication is made against a LDAP, the authentication form can be used to perform LDAP injection. Upgrade to 10.0.12.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
glpi	removed			package

Примечания

https://github.com/glpi-project/glpi/security/advisories/GHSA-p995-jmfv-c7r8
https://github.com/glpi-project/glpi/commit/58c67d78f2e3ad08264213e9aaf56eab3c9ded35

EPSS

Процентиль: 68%

0.00568

Низкий

Связанные уязвимости

CVE-2023-51446

CVSS3: 5.9

ubuntu

больше 1 года назад

GLPI is a Free Asset and IT Management Software package. When authentication is made against a LDAP, the authentication form can be used to perform LDAP injection. Upgrade to 10.0.12.

CVE-2023-51446

CVSS3: 5.9

nvd

больше 1 года назад

GLPI is a Free Asset and IT Management Software package. When authentication is made against a LDAP, the authentication form can be used to perform LDAP injection. Upgrade to 10.0.12.

ROS-20240812-13

CVSS3: 8.1

redos

11 месяцев назад

Множественные уязвимости glpi

EPSS

Процентиль: 68%

0.00568

Низкий