{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-13T19:56:11.822","vulnerabilities":[{"cve":{"id":"CVE-2022-39373","sourceIdentifier":"security-advisories@github.com","published":"2022-11-03T16:15:10.303","lastModified":"2024-11-21T07:18:09.563","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Administrator may store malicious code in entity name. This issue has been patched, please upgrade to version 10.0.4."},{"lang":"es","value":"GLPI significa Gestionnaire Libre de Parc Informatique. GLPI es un paquete gratuito de software de gestión de TI y activos que proporciona funciones de ITIL Service Desk, seguimiento de licencias y auditoría de software. El administrador puede almacenar código malicioso en el nombre de la entidad. Este problema ha sido solucionado; actualice a la versión 10.0.4."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.0","versionEndExcluding":"10.0.4","matchCriteriaId":"0E4DD228-F8A9-4F70-96A1-4CBD89AAE233"}]}]}],"references":[{"url":"https://github.com/glpi-project/glpi/security/advisories/GHSA-cw37-q82c-w546","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/glpi-project/glpi/security/advisories/GHSA-cw37-q82c-w546","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}