vulnerability

FreeBSD: VID-0309c898-3aed-11eb-af2a-080027dbe4b7 (CVE-2020-11031): glpi -- Improve encryption algorithm

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Mar 30, 2020	Dec 12, 2020	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Mar 30, 2020

Added

Dec 12, 2020

Modified

Dec 10, 2025

Description

MITRE Corporation reports: In GLPI before version 9.5.0, the encryption algorithm used is insecure. The security of the data encrypted relies on the password used, if a user sets a weak/predictable password, an attacker could decrypt data. This is fixed in version 9.5.0 by using a more secure encryption library. The library chosen is sodium.

Solution

freebsd-upgrade-package-glpi

References

CVE-2020-11031
https://attackerkb.com/topics/CVE-2020-11031
CWE-327

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today