Glpi Project Glpi Inventory
By the Year
In 2023 there have been 0 vulnerabilities in Glpi Project Glpi Inventory . Last year Glpi Inventory had 2 security vulnerabilities published. Right now, Glpi Inventory is on track to have less security vulnerabilities in 2023 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 2 | 7.55 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Glpi Inventory vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Glpi Project Glpi Inventory Security Vulnerabilities
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing
CVE-2022-31082
9.8 - Critical
- June 27, 2022
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. glpi-inventory-plugin is a plugin for GLPI to handle inventory management. In affected versions a SQL injection can be made using package deployment tasks. This issue has been resolved in version 1.0.2. Users are advised to upgrade. Users unable to upgrade should delete the `front/deploypackage.public.php` file if they are not using the `deploy tasks` feature.
SQL Injection
### Impact A plugin public script can be used to read content of system files
CVE-2022-31062
5.3 - Medium
- June 20, 2022
### Impact A plugin public script can be used to read content of system files. ### Patches Upgrade to version 1.0.2. ### Workarounds `b/deploy/index.php` file can be deleted if deploy feature is not used.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Glpi Project Glpi Inventory or by Glpi Project? Click the Watch button to subscribe.
