Glpi@9.1.0 Security Vulnerabilities and Issues — Glpi@9.1.0 CVE List

Lucene search

Glpi-projectGlpi9.1.0

4 matches found

CVE•added 2024/12/11 5:15 p.m.•80 views

CVE-2024-47760

GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.17, a technician with an access to the API can take control of an account with higher privileges. Version 10.0.17 contains a patch for this issue.

8.8CVSS6.8AI score0.00159EPSS

CVE•added 2023/09/27 3:19 p.m.•57 views

CVE-2023-41322

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. A user with write access to another user can make requests to change the latter's password and then take con...

8.8CVSS7AI score0.00206EPSS

CVE•added 2025/07/30 2:15 p.m.•17 views

CVE-2025-52897

GLPI is a Free Asset and IT Management Software package. In versions 9.1.0 through 10.0.18, an unauthenticated user can send a malicious link to attempt a phishing attack from the planning feature. This is fixed in version 10.0.19.

6.5CVSS6.5AI score0.00075EPSS

CVE•added 2025/07/30 3:15 p.m.•13 views

CVE-2025-53112

GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 9.1.0 through 10.0.18, a lack of permission checks can result in unauthorized removal of some specific resources. This is fixed in version 10.0.19.

4.3CVSS6.4AI score0.00036EPSS