FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
6091d1d8-4347-11ef-a4d4-080027957747	GLPI -- multiple vulnerabilities GLPI team reports: GLPI 10.0.16 Changelog [SECURITY - high] Account takeover via SQL Injection in AJAX scripts (CVE-2024-37148) [SECURITY - high] Remote code execution through the plugin loader (CVE-2024-37149) [SECURITY - moderate] Authenticated file upload to restricted tickets (CVE-2024-37147) Discovery 2024-06-03 Entry 2024-07-16 glpi < 10.0.16,1 CVE-2024-37148 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37148 CVE-2024-37149 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37149 CVE-2024-37147 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37147 https://github.com/glpi-project/glpi/releases/tag/10.0.16

VuXML ID

Description

6091d1d8-4347-11ef-a4d4-080027957747

GLPI -- multiple vulnerabilities

GLPI team reports:

GLPI 10.0.16 Changelog

[SECURITY - high] Account takeover via SQL Injection in AJAX scripts (CVE-2024-37148)

[SECURITY - high] Remote code execution through the plugin loader (CVE-2024-37149)

[SECURITY - moderate] Authenticated file upload to restricted tickets (CVE-2024-37147)

Discovery 2024-06-03
Entry 2024-07-16
glpi

< 10.0.16,1

CVE-2024-37148
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37148
CVE-2024-37149
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37149
CVE-2024-37147
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37147
https://github.com/glpi-project/glpi/releases/tag/10.0.16