glpi vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the glpi package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
M Use of Hard-coded Credentials	*
M Cross-site Scripting (XSS)	*
H Arbitrary Code Injection	*
H Information Exposure	*
H SQL Injection	*
M Cross-site Scripting (XSS)	*
M Open Redirect	*
C Use of a Broken or Risky Cryptographic Algorithm	*
H Information Exposure	*
M Cross-site Scripting (XSS)	*
L Arbitrary Code Injection	*
M Weak Password Recovery Mechanism for Forgotten Password	*
M Cross-site Scripting (XSS)	*
H Information Exposure	*
C Access of Resource Using Incompatible Type ('Type Confusion')	*
C SQL Injection	*
H SQL Injection	*
M Information Exposure	<0.80.7-2
H Improper Input Validation	<0.83.91-1
M Improper Privilege Management	<0.80.7-2
H Race Condition	*
M Cross-site Scripting (XSS)	*
C SQL Injection	*
M Improper Input Validation	*
H SQL Injection	*
C SQL Injection	*
M Cross-site Scripting (XSS)	*
H Cross-site Request Forgery (CSRF)	*
C SQL Injection	*
H SQL Injection	*
M Access Restriction Bypass	*
H CVE-2015-7684	*
M Access Restriction Bypass	*
H Directory Traversal	*
M SQL Injection	*
M CVE-2013-2225	<0.83.91-1
H SQL Injection	<0.83.91-1
M Cross-site Request Forgery (CSRF)	<0.84.2-1
M Cross-site Request Forgery (CSRF)	<0.83.31-1
M Cross-site Scripting (XSS)	<0.83.31-1
M Arbitrary Code Injection	<0.80.7-1
M Information Exposure	<0.80.2-1
M Cross-site Scripting (XSS)	*
M Link Following	*
M Directory Traversal	*
M Improper Input Validation	*
L Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
H CVE-2008-7220	<0.72.3-1
M CVE-2007-3215	<0.68.3.2-1
M CVE-2007-2383	<0.72.3-1