Lucene search
K

5 matches found

ALT Linux
ALT Linux
added 2021/10/18 12:0 a.m.32 views

Security fix for the ALT Linux 9 package glpi version 9.5.6-alt1

9.5.6-alt1 built Oct. 18, 2021 Pavel Zilke in task 287044 Oct. 12, 2021 Pavel Zilke - New version 9.5.6 - This is a security release, upgrading is recommended - Security fixes: + CVE-2021-39211 : Disclosure of GLPI and server informations in telemetry endpoint + CVE-2021-39210 : Autologin cookie...

6.8CVSS7AI score0.04446EPSS
Exploits0
ALT Linux
ALT Linux
added 2021/10/14 12:0 a.m.28 views

Security fix for the ALT Linux 10 package glpi version 9.5.6-alt1

9.5.6-alt1 built Oct. 14, 2021 Pavel Zilke in task 287043 Oct. 12, 2021 Pavel Zilke - New version 9.5.6 - This is a security release, upgrading is recommended - Security fixes: + CVE-2021-39211 : Disclosure of GLPI and server informations in telemetry endpoint + CVE-2021-39210 : Autologin cookie...

6.8CVSS7AI score0.04446EPSS
Exploits0
Circl
Circl
added 2021/09/15 8:22 p.m.7 views

CVE-2021-39210

creationtimestamp| type| source ---|---|--- 2021-09-15 20:22:15+00:00| seen| https://t.me/cibsecurity/28927...

6.5CVSS7.2AI score0.00982EPSS
Exploits0References1
CVE
CVE
added 2021/09/15 4:40 p.m.60 views

CVE-2021-39210

What is affected: GLPI

6.5CVSS6.3AI score0.00982EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/09/15 4:40 p.m.24 views

CVE-2021-39210 Autologin cookie accessible by scripts

GLPI is a free Asset and IT management software package. In versions prior to 9.5.6, the cookie used to store the autologin cookie when a user uses the "remember me" feature is accessible by scripts. A malicious plugin that could steal this cookie would be able to use it to autologin. This issue ...

6.5CVSS6.3AI score0.00982EPSS
Exploits0References3
Rows per page
Query Builder