13 matches found

Tenable Nessus
added 2025/09/20 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-59518

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation...

CVSS 8, AI score 5.9, EPSS 0.00053
Exploits 0, References 2

OSV
added 2025/09/17 4:16 a.m., 2 views

DEBIAN-CVE-2025-59518

In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server...

CVSS 8, AI score 5.5, EPSS 0.00053
Exploits 0, References 1

Cvelist
added 2025/09/17 12:00 a.m., 6 views

CVE-2025-59518

In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server...

CVSS 8, EPSS 0.00053
Exploits 0, References 2

Tenable Nessus
added 2025/08/20 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-16093

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LemonLDAP::NG aka lemonldap-ng through 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because th...

CVSS 7.5, AI score 7.2, EPSS 0.00449
Exploits 1, References 2

Tenable Nessus
added 2025/08/20 12:00 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2024-52946

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in LemonLDAP::NG before 2.20.1. An Improper Check during session refresh allows an authenticated user to raise their authentication leve...

CVSS 8.8, AI score 5.8, EPSS 0.0016
Exploits 0, References 2

Tenable Nessus
added 2025/08/20 12:00 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-45160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers to bypass OAuth2 client authentication via an empty...

CVSS 9.1, AI score 5.8, EPSS 0.00121
Exploits 0, References 2

RedhatCVE
added 2025/05/22 8:36 p.m., 0 views

CVE-2021-35472

An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users...

CVSS 8.8, AI score 7.2, EPSS 0.00366
Exploits 1, References 1

CNNVD
added 2024/10/09 12:00 a.m., 3 views

LemonLDAP::NG Security Vulnerability

LemonLDAP::NG is an open source suite of Web single sign-on and access management software. A security vulnerability exists in LemonLDAP::NG prior to version 2.19.3, which stems from a remote attacker being able to inject arbitrary Web script or HTML into the login page via a...

CVSS 6.1, AI score 6.3, EPSS 0.00222
Exploits 0, References 2

CNNVD
added 2023/04/16 12:00 a.m., 1 view

LemonLDAP::NG Code Issue Vulnerability

LemonLDAP::NG is a web single sign-on and access management software. A security vulnerability exists in LemonLDAP::NG versions prior to 2.0.15, which stems from the fact that certain sessions are not deleted when they should be...

CVSS 5.9, AI score 5.8, EPSS 0.00266
Exploits 1, References 5

OSV
added 2023/03/31 5:15 p.m., 2 views

DEBIAN-CVE-2023-28862

An issue was discovered in LemonLDAP::NG before 2.16.1. Weak session ID generation in the AuthBasic handler and incorrect failure handling during a password check allow attackers to bypass 2FA verification. Any plugin that tries to deny session creation after the store step does not deny an...

CVSS 9.8, AI score 8.6, EPSS 0.00075
Exploits 1, References 1

OSV
added 2022/07/18 12:15 a.m., 2 views

DEBIAN-CVE-2021-40874

An issue was discovered in LemonLDAP::NG aka lemonldap-ng 2.0.13. When using the RESTServer plug-in to operate a REST password validation service for another LemonLDAP::NG instance, for example and using the Kerberos authentication method combined with another method with the Combination...

CVSS 9.8, AI score 8.6, EPSS 0.00307
Exploits 1, References 1

OSV
added 2022/07/18 12:15 a.m., 0 views

UBUNTU-CVE-2020-16093

In LemonLDAP::NG aka lemonldap-ng through 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used...

CVSS 7.5, AI score 7.2, EPSS 0.00449
Exploits 1, References 2

Github Security Blog
added 2020/09/09 6:45 p.m., 35 views

Lack of URL normalization may lead to authorization bypass when URL access rules are used

Impact: When access rules are used inside a protected host, some URL encodings may bypass filtering system. Patches: Version 0.5.2 includes a patch that fixes the vulnerability. Workarounds: No way for users to fix or remediate the vulnerability without upgrading. References...

CVSS 9.8, AI score 0.3, EPSS 0.00678
Exploits 1, References 9, Affected Software 1