Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lemonldap-ng vulnerabilities and exploits
(subscribe to this query)
534
VMScore
CVE-2021-35472
An issue exists in LemonLDAP::NG prior to 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users.
Lemonldap-ng Lemonldap\\ \\
Debian Debian Linux 10.0
NA
CVE-2020-16093
In LemonLDAP::NG (aka lemonldap-ng) up to and including 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used.
Lemonldap-ng Lemonldap\\ \\
Debian Debian Linux 10.0
668
VMScore
CVE-2019-15941
OpenID Connect Issuer in LemonLDAP::NG 2.x up to and including 2.0.5 may allow an malicious user to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relaying party within the LemonLDAP configuration with we...
Lemonldap-ng Lemonldap\\ \\
Debian Debian Linux 10.0
668
VMScore
CVE-2019-12046
LemonLDAP::NG -2.0.3 has Incorrect Access Control.
Lemonldap-ng Lemonldap\\ \\
Debian Debian Linux 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2