Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lemonldap:: vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-40874
An issue exists in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. When using the RESTServer plug-in to operate a REST password validation service (for another LemonLDAP::NG instance, for example) and using the Kerberos authentication method combined with another method with the Combina...
Lemonldap-ng Lemonldap\\ \\
Debian Debian Linux 10.0
8.8
CVSSv3
CVE-2021-35472
An issue exists in LemonLDAP::NG prior to 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users.
Lemonldap-ng Lemonldap\\ \\
Debian Debian Linux 10.0
8.1
CVSSv3
CVE-2020-36658
In Apache::Session::LDAP prior to 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the C...
Lemonldap-ng Apache\\ \\
Debian Debian Linux 10.0
8.1
CVSSv3
CVE-2020-36659
In Apache::Session::Browseable prior to 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction wi...
Lemonldap-ng Apache\\ \\
Debian Debian Linux 10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2