Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2023-33201

Опубликовано: 05 июл. 2023
Источник: ubuntu
Приоритет: medium
CVSS3: 5.3

Описание

Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.

РелизСтатусПримечание
bionic

ignored

end of standard support
devel

needs-triage

esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-apps/xenial

needs-triage

focal

ignored

end of standard support, was needs-triage
jammy

needs-triage

kinetic

ignored

end of life, was needs-triage

Показывать по

Ссылки на источники

5.3 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2023-33201

CVSS3: 5.3
redhat
больше 2 лет назад

Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.

nvd логотип

CVE-2023-33201

CVSS3: 5.3
nvd
больше 2 лет назад

Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.

debian логотип

CVE-2023-33201

CVSS3: 5.3
debian
больше 2 лет назад

Bouncy Castle For Java before 1.74 is affected by an LDAP injection vu ...

suse-cvrf логотип

SUSE-SU-2023:2843-1

suse-cvrf
больше 2 лет назад

Security update for bouncycastle

github логотип

GHSA-hr8g-6v94-x4m9

CVSS3: 5.3
github
больше 2 лет назад

Bouncy Castle For Java LDAP injection vulnerability

5.3 Medium

CVSS3