Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lemonldap:: vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2019-15941
OpenID Connect Issuer in LemonLDAP::NG 2.x up to and including 2.0.5 may allow an malicious user to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relaying party within the LemonLDAP configuration with we...
Lemonldap-ng Lemonldap
Debian Debian Linux 10.0
668
VMScore
CVE-2020-24660
An issue exists in LemonLDAP::NG up to and including 2.0.8, when NGINX is used. An attacker may bypass URL-based access control to protected Virtual Hosts by submitting a non-normalized URI. This also affects versions prior to 0.5.2 of the "Lemonldap::NG handler for Node.js&...
Lemonldap-ng Lemonldap
Debian Debian Linux 10.0
NA
CVE-2020-36658
In Apache::Session::LDAP prior to 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the C...
Lemonldap-ng Apache
Debian Debian Linux 10.0
NA
CVE-2020-36659
In Apache::Session::Browseable prior to 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction wi...
Lemonldap-ng Apache
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2