FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-09 08:42:40 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
bb49f1fa-00da-11ef-92b7-589cfc023192	GLPI -- multiple vulnerabilities GLPI team reports: GLPI 10.0.13 Changelog [SECURITY - high] SQL Injection in through the search engine (CVE-2024-27096) [SECURITY - moderate] Blind SSRF using Arbitrary Object Instantiation (CVE-2024-27098) [SECURITY - moderate] Stored XSS in dashboards (CVE-2024-27104) [SECURITY - moderate] Reflected XSS in debug mode (CVE-2024-27914) [SECURITY - moderate] Sensitive fields access through dropdowns (CVE-2024-27930) [SECURITY - moderate] Users emails enumeration (CVE-2024-27937) Discovery 2024-03-13 Entry 2024-04-22 glpi < 10.0.13,1 CVE-2024-27096 CVE-2024-27098 CVE-2024-27104 CVE-2024-27914 CVE-2024-27930 CVE-2024-27937 https://github.com/glpi-project/glpi/releases/tag/10.0.13

VuXML ID

Description

bb49f1fa-00da-11ef-92b7-589cfc023192

GLPI -- multiple vulnerabilities

GLPI team reports:

GLPI 10.0.13 Changelog

[SECURITY - high] SQL Injection in through the search engine (CVE-2024-27096)

[SECURITY - moderate] Blind SSRF using Arbitrary Object Instantiation (CVE-2024-27098)

[SECURITY - moderate] Stored XSS in dashboards (CVE-2024-27104)

[SECURITY - moderate] Reflected XSS in debug mode (CVE-2024-27914)

[SECURITY - moderate] Sensitive fields access through dropdowns (CVE-2024-27930)

[SECURITY - moderate] Users emails enumeration (CVE-2024-27937)

Discovery 2024-03-13
Entry 2024-04-22
glpi

< 10.0.13,1

CVE-2024-27096
CVE-2024-27098
CVE-2024-27104
CVE-2024-27914
CVE-2024-27930
CVE-2024-27937
https://github.com/glpi-project/glpi/releases/tag/10.0.13