exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2021-35473

около 1 года назад

An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4.

CVSS3: 9.1

EPSS: Низкий

CVE-2021-35473

около 1 года назад

An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4.

CVSS3: 9.1

EPSS: Низкий

CVE-2021-35473

около 1 года назад

An issue was discovered in LemonLDAP::NG before 2.0.12. There is a mis ...

CVSS3: 9.1

EPSS: Низкий

GHSA-m833-cpj5-q368

около 1 года назад

An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4.

CVSS3: 9.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-35473 An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4.	CVSS3: 9.1	0% Низкий	около 1 года назад
CVE-2021-35473 An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4.	CVSS3: 9.1	0% Низкий	около 1 года назад
CVE-2021-35473 An issue was discovered in LemonLDAP::NG before 2.0.12. There is a mis ...	CVSS3: 9.1	0% Низкий	около 1 года назад
GHSA-m833-cpj5-q368 An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4.	CVSS3: 9.1	0% Низкий	около 1 года назад

Уязвимостей на страницу