Lucene search
Https://packages.altlinux.org/en/sisyphus/security/91C78E8C4740338553D48BAD9D3BE742HistoryNov 04, 2022 - 12:00 a.m.
Security fix for the ALT Linux 10 package glpi version 9.5.10-alt1
2022-11-0400:00:00
https://packages.altlinux.org/en/sisyphus/security/
packages.altlinux.org
12
alt linux 10
glpi version 9.5.10
security fixes
blind ssrf
stored xss
improper input validation
improper access
user's session
stored xss
external links
public rss feed
sql injection
0.001 Low
EPSS
Percentile
50.3%
Nov. 4, 2022 Pavel Zilke 9.5.10-alt1
- New version 9.5.10
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
+ CVE-2022-39276 : Blind SSRF in RSS feeds and planning
+ CVE-2022-39372 : Stored XSS in user information
+ CVE-2022-39376 : Improper input validation on emails links
+ CVE-2022-39370 : Improper access to debug panel
+ CVE-2022-39234 : User's session persist after permanently deleting his account
+ CVE-2022-39262 : Stored XSS on login page
+ CVE-2022-39277 : XSS in external links
+ CVE-2022-39375 : XSS through public RSS feed
+ CVE-2022-39323 : SQL Injection on REST API
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ALT Linux | 10 | src | glpi-9.5.12-alt1.src.rpm | < 9.5.10-alt1 | glpi-9.5.12-alt1.src.rpm |
| ALT Linux | 10 | noarch | glpi-9.5.12-alt1.noarch.rpm | < 9.5.10-alt1 | glpi-9.5.12-alt1.noarch.rpm |
| ALT Linux | 10 | noarch | glpi-apache2-9.5.12-alt1.noarch.rpm | < 9.5.10-alt1 | glpi-apache2-9.5.12-alt1.noarch.rpm |
| ALT Linux | 10 | noarch | glpi-php7-9.5.12-alt1.noarch.rpm | < 9.5.10-alt1 | glpi-php7-9.5.12-alt1.noarch.rpm |
Related
altlinux
altlinux
Security fix for the ALT Linux 9 package glpi version 9.5.10-alt1
2022-11-04 00:00:00
prion
prion
Design/Logic Flaw
2022-11-03 16:15:00
Design/Logic Flaw
2022-11-03 16:15:00
Design/Logic Flaw
2022-11-03 14:15:00
osv
osv
ubuntucve
ubuntucve
cvelist
cvelist
CVE-2022-39276 Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning
2022-11-03 00:00:00
CVE-2022-39372 Stored Cross-Site Scripting (XSS) in user information in GLPI
2022-11-03 00:00:00
CVE-2022-39370 Improper access to debug panel in GLPI
2022-11-03 00:00:00
cve
cve
nvd
nvd
huntr
huntr
User's session persist after permanently deleting his account
2022-09-18 11:50:13