Package glpi-php8.0: Information

php8.0 dependencies for glpi
- New version 10.0.10
- This release fixes a security issue that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2023-42802 : Unallowed PHP script execution
 + CVE-2023-41320 : Account takeover via SQL Injection in UI layout preferences
 + CVE-2023-41326 : Account takeover via Kanban feature
 + CVE-2023-41324 : Account takeover through API
 + CVE-2023-42462 : File deletion through document upload process
 + CVE-2023-41321 : Sensitive fields enumeration through API
 + CVE-2023-41322 : Privilege Escalation from technician to super-admin
 + CVE-2023-41323 : Users login enumeration by unauthenticated user
 + CVE-2023-41888 : Phishing through a login page malicious URL
 + CVE-2023-42461 : SQL injection in ITIL actors
- New version 10.0.9
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2023-37278 : SQL injection in dashboard administration
- Deleted glpi-php7
- New version 10.0.8
- This release fixes several security issues that has been recently discovered. Update is recommended!
- Security fixes:
 + CVE-2023-35924 : SQL injection via inventory agent request
 + CVE-2023-36808 : SQL injection through Computer Virtual Machine information
 + CVE-2023-35939 : Unauthorized access to Dashboard data
 + CVE-2023-35940 : Unauthenticated access to Dashboard data
 + CVE-2023-34244 : Reflected XSS in search pages
 + CVE-2023-34107 : Unauthorized access to knowledge base items
 + CVE-2023-34106 : Unauthorized access to user data

Package glpi-php8.0: Information

Last changed