Описание
An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3.
A flaw was found in the kerby-backend. This issue leads to LDAP Injection.
Отчет
Red Hat products do not ship the org.apache.kerby:kerby-backend.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| A-MQ Clients 2 | kerby-backend | Not affected | ||
| Red Hat AMQ Broker 7 | kerby-backend | Not affected | ||
| Red Hat AMQ Broker 7 | org.apache.kerby | Not affected | ||
| Red Hat build of Apache Camel for Spring Boot 3 | kerby-backend | Not affected | ||
| Red Hat Data Grid 8 | kerby-backend | Not affected | ||
| Red Hat Fuse 7 | kerby-backend | Not affected | ||
| Red Hat Integration Camel K 1 | kerby-backend | Not affected | ||
| Red Hat JBoss Data Grid 7 | kerby-backend | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 6 | kerby-backend | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 6 | keycloak-adapter-sso7_4-eap6 | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Important
Дефект:
CWE-74
https://bugzilla.redhat.com/show_bug.cgi?id=2174262kerby-backend: LDAP Injection Vulnerability in Apache Kerby
EPSS
Процентиль: 41%
0.00189
Низкий
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
почти 3 года назад
An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3.
CVSS3: 9.8
github
почти 3 года назад
Apache Kerby LdapIdentityBackend LDAP Injection vulnerability
EPSS
Процентиль: 41%
0.00189
Низкий
9.8 Critical
CVSS3