Описание
LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification to the notification server. By default, the notification server is not enabled and has a "deny all" rule.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | 2.0.2+ds-6 |
| disco | not-affected | 2.0.2+ds-6 |
| eoan | not-affected | 2.0.2+ds-6 |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 2.0.2+ds-6 |
| esm-apps/jammy | not-affected | 2.0.2+ds-6 |
| esm-apps/noble | not-affected | 2.0.2+ds-6 |
| esm-apps/xenial | needed |
Показывать по
EPSS
6.8 Medium
CVSS2
8.1 High
CVSS3
Связанные уязвимости
LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification to the notification server. By default, the notification server is not enabled and has a "deny all" rule.
LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue whe ...
LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification to the notification server. By default, the notification server is not enabled and has a "deny all" rule.
EPSS
6.8 Medium
CVSS2
8.1 High
CVSS3