RSS   Vulnerabilities for 'Lemonldap'   RSS

2019-06-28
 
CVE-2019-13031

CWE-611
 

 
LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification to the notification server. By default, the notification server is not enabled and has a "deny all" rule.

 
2019-05-22
 
CVE-2019-12046

CWE-284
 

 
LemonLDAP::NG -2.0.3 has Incorrect Access Control.

 
2013-01-01
 
CVE-2012-6426

CWE-264
 

 
LemonLDAP::NG before 1.2.3 does not use the signature-verification capability of the Lasso library, which allows remote attackers to bypass intended access-control restrictions via crafted SAML data.

 

 >>> Vendor: Lemonldap-ng 2 Products
Lemonldap
Lemonldap\


Copyright 2024, cxsecurity.com

 

Back to Top