Lucene search
Gentoo FoundationMGASA-2018-0235HistoryMay 16, 2018 - 11:24 a.m.
Updated spring-ldap packages fix security vulnerability
2018-05-1611:24:56
Gentoo Foundation
advisories.mageia.org
11
0.004 Low
EPSS
Percentile
74.2%
It was discovered that spring-ldap would under some circumstances allow authentication with a correct username but an arbitrary password (CVE-2017-8028).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 6 | noarch | spring-ldap | < 1.3.1-14.1 | spring-ldap-1.3.1-14.1.mga6 |
Related
nessus
nessus
Debian DSA-4046-1 : libspring-ldap-java - security update
2017-11-27 00:00:00
Debian DLA-1180-1 : libspring-ldap-java security update
2017-11-20 00:00:00
veracode
veracode
Authentication Bypass
2017-10-25 07:50:22
redhatcve
redhatcve
CVE-2017-8028
2017-11-08 13:52:28
osv
osv
libspring-ldap-java - security update
2017-11-19 00:00:00
Improper Authentication in Pivotal Spring-LDAP
2022-05-13 01:12:09
libspring-ldap-java - security update
2017-11-22 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2018-0235)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-1180-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-4046-1)
2017-11-21 00:00:00
ubuntucve
ubuntucve
CVE-2017-8028
2017-11-27 00:00:00
debian
debian
[SECURITY] [DLA 1180-1] libspring-ldap-java security update
2017-11-19 18:19:50
[SECURITY] [DSA 4046-1] libspring-ldap-java security update
2017-11-22 17:37:32
cve
cve
CVE-2017-8028
2017-11-27 10:29:00
prion
prion
Authentication flaw
2017-11-27 10:29:00
github
github
Improper Authentication in Pivotal Spring-LDAP
2022-05-13 01:12:09
cvelist
cvelist
CVE-2017-8028
2017-11-27 10:00:00
redhat
redhat
oracle
oracle
Oracle Critical Patch Update Advisory - January 2021
2021-01-19 00:00:00