You are not logged in.

Announcement

 Téléchargez la dernière version stable de GLPI      -     Et vous, que pouvez vous faire pour le projet GLPI ? :  Contribuer
 Download last stable version of GLPI                      -     What can you do for GLPI ? :  Contribute

Pages: 1

#1 2022-10-05 11:23:23

francois-teclib
Expert GLPI
From: TECLIB
Registered: 2006-11-05
Posts: 76
Website

GLPI 9.5.9

This is a security release, upgrading is recommended

Here is the eighth bugfixes release for GLPI 9.5.

9.5.9-DOWNLOAD_GLPI-green.svg?logo=php&logoColor=white&style=for-the-badge?logo=php&logoColor=white&style=for-the-badge

Below, you'll find a short list of key points of this release:

  • [SECURITY] XSS through registration API (CVE-2022-35945)

  • [SECURITY] Leak of sensitive information through login page error (CVE-2022-31143)

  • [SECURITY] [critical] Command injection using a third-party library script (CVE-2022-35914)

  • [SECURITY] SQL injection through plugin controller (CVE-2022-35946)

  • [SECURITY] [critical] Authentication via SQL injection (CVE-2022-35947)

  • [SECURITY] Blind Server-Side Request Forgery (SSRF) in RSS feeds and planning (CVE-2022-36112)

Besoin d'un support professionnel pour GLPI ? Pensez à GLPI Network ! https://glpi-project.org/fr/tarifs/

Connaissez-vous l'offre Cloud maintenue et supportée par l'équipe qui édite GLPI ?
Vous pouvez tester gratuitement pendant 45 jours ! https://glpi-network.cloud (ou plus si besoin)

Offline

Pages: 1

Board footer

Powered by FluxBB