Information on source package ocsinventory-server

Available versions

ReleaseVersion
jessie2.0.5-1.3
buster2.5+dfsg1-1+deb10u1
bullseye2.8.1+dfsg1-1+deb11u1
bookworm2.8.1+dfsg1+~2.11.1-1
trixie2.8.1+dfsg1+~2.11.1-1
sid2.8.1+dfsg1+~2.11.1-1

Open issues

BugjessiebusterbullseyebookwormtrixiesidDescription
CVE-2023-3726vulnerablevulnerablevulnerablevulnerablevulnerablevulnerableOCSInventory allow stored email template with special characters that ...

Open unimportant issues

BugjessiebusterbullseyebookwormtrixiesidDescription
CVE-2018-1000558vulnerablefixedfixedfixedfixedfixedOCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2 ...
CVE-2018-1000557vulnerablefixedfixedfixedfixedfixedOCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross ...
CVE-2018-15537vulnerablevulnerablevulnerablefixedfixedfixedUnrestricted file upload (with remote code execution) in OCS Inventory ...
CVE-2018-14857vulnerablevulnerablefixedfixedfixedfixedUnrestricted file upload (with remote code execution) in require/mail/ ...
CVE-2018-14473vulnerablefixedfixedfixedfixedfixedOCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing ...
CVE-2018-12483vulnerablefixedfixedfixedfixedfixedOCS Inventory 2.4.1 is prone to a remote command-execution vulnerabili ...
CVE-2018-12482vulnerablefixedfixedfixedfixedfixedOCS Inventory 2.4.1 contains multiple SQL injections in the search eng ...
CVE-2014-4722vulnerablevulnerablevulnerablevulnerablevulnerablevulnerableMultiple cross-site scripting (XSS) vulnerabilities in the OCS Reports ...

Resolved issues

BugDescription
TEMP-0531735-61C2C9OCS Inventory NG SQL Injection Vulnerability
CVE-2020-14947OCS Inventory NG 2.7 allows Remote Command Execution via shell metacha ...
CVE-2011-4024Cross-site scripting (XSS) vulnerability in ocsinventory in OCS Invent ...
CVE-2010-1733Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02 ...
CVE-2010-1595Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS ...
CVE-2010-1594Multiple cross-site scripting (XSS) vulnerabilities in ocsreports/inde ...
CVE-2009-3042SQL injection vulnerability in machine.php in Open Computer and Softwa ...
CVE-2009-3040Multiple SQL injection vulnerabilities in Open Computer and Software ( ...
CVE-2009-2166Absolute path traversal vulnerability in cvs.php in OCS Inventory NG b ...
CVE-2009-1769The web interface in Open Computer and Software Inventory Next Generat ...
CVE-2009-1443Multiple unspecified vulnerabilities in the Server component in OCS In ...

Security announcements

DSA / DLADescription
DLA-3486-1ocsinventory-server - security update
Search for package or bug name: Reporting problems