exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2022-39276

около 3 лет назад

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or an external calendar in planning is subject to SSRF exploit. In case a remote script returns a redirect response, the redirect target URL is not checked against the URL allow list defined by administrator. This issue has been patched, please upgrade to 10.0.4. There are currently no known workarounds.

CVSS3: 3.5

EPSS: Низкий

CVE-2022-39276

около 3 лет назад

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or an external calendar in planning is subject to SSRF exploit. In case a remote script returns a redirect response, the redirect target URL is not checked against the URL allow list defined by administrator. This issue has been patched, please upgrade to 10.0.4. There are currently no known workarounds.

CVSS3: 3.5

EPSS: Низкий

CVE-2022-39276

около 3 лет назад

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Fre ...

CVSS3: 3.5

EPSS: Низкий

BDU:2024-05812

около 3 лет назад

Уязвимость системы работы с заявками и инцидентами GLPI, связанная c подделкой запросов на стороне сервера, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес

CVSS3: 5.3

EPSS: Низкий

ROS-20240726-01

больше 1 года назад

Множественные уязвимости glpi

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2022-39276 GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or an external calendar in planning is subject to SSRF exploit. In case a remote script returns a redirect response, the redirect target URL is not checked against the URL allow list defined by administrator. This issue has been patched, please upgrade to 10.0.4. There are currently no known workarounds.	CVSS3: 3.5	0% Низкий	около 3 лет назад
CVE-2022-39276 GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or an external calendar in planning is subject to SSRF exploit. In case a remote script returns a redirect response, the redirect target URL is not checked against the URL allow list defined by administrator. This issue has been patched, please upgrade to 10.0.4. There are currently no known workarounds.	CVSS3: 3.5	0% Низкий	около 3 лет назад
CVE-2022-39276 GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Fre ...	CVSS3: 3.5	0% Низкий	около 3 лет назад
BDU:2024-05812 Уязвимость системы работы с заявками и инцидентами GLPI, связанная c подделкой запросов на стороне сервера, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес	CVSS3: 5.3	0% Низкий	около 3 лет назад
ROS-20240726-01 Множественные уязвимости glpi	CVSS3: 9.8		больше 1 года назад

Уязвимостей на страницу