GSA_kwCzR0hTQS14OTNqLTNoaDMtNngyM84AAv9W

Critical EPSS: 1.0e-05% (0.0001 Percentile) EPSS:

Permalink JSON

Insufficient Session Expiration in librenms/librenms

Affected Packages	Affected Versions	Fixed Versions
packagist:librenms/librenms	< 22.10.0	22.10.0
1 Dependent packages 2 Dependent repositories 51,127 Downloads total Affected Version Ranges All affected versions 1.20.1, 1.22.1, 1.30.1, 1.31.1, 1.31.2, 1.31.3, 1.32.1, 1.33.1, 1.36.1, 1.42.1, 1.48.1, 1.50.1, 1.53.1, 1.58.1, 1.62.1, 1.62.2, 1.64.1, 1.65.1, 1.70.0, 1.70.1, 21.1.0, 21.2.0, 21.3.0, 21.4.0, 21.5.0, 21.5.1, 21.6.0, 21.7.0, 21.8.0, 21.9.0, 21.9.1, 21.10.0, 21.10.1, 21.10.2, 21.11.0, 21.12.0, 21.12.1, 22.1.0, 22.2.0, 22.2.1, 22.2.2, 22.3.0, 22.4.0, 22.4.1, 22.5.0, 22.6.0, 22.7.0, 22.8.0, 22.9.0 All unaffected versions 22.10.0, 22.11.0, 22.12.0, 23.1.0, 23.1.1, 23.2.0, 23.4.0, 23.4.1, 23.5.0, 23.6.0, 23.7.0, 23.8.0, 23.8.1, 23.8.2, 23.9.0, 23.9.1, 23.10.0, 23.11.0, 24.1.0, 24.2.0, 24.3.0, 24.4.0, 24.4.1, 24.5.0, 24.6.0, 24.7.0, 24.8.0, 24.8.1, 24.9.0, 24.9.1, 24.10.0, 24.10.1, 24.11.0, 24.12.0, 25.1.0, 25.2.0, 25.3.0, 25.4.0, 25.5.0, 25.6.0, 25.7.0, 25.8.0

Insufficient Session Expiration in GitHub repository librenms/librenms prior to 22.10.0.

References:

Identifiers

GHSA-x93j-3hh3-6x23

CVE-2022-4070

Risk

Severity

Critical

EPSS

EPSS Percentage: 1.0e-05

EPSS Percentile: 0.0001

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/librenms/librenms

Date and time

Published

almost 3 years ago

Updated

over 2 years ago

API

JSON

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories