12 matches found
EUVD-2025-29680
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-59518
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation...
CVE-2025-59518
In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server...
DEBIAN-CVE-2025-59518
In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server...
CVE-2025-59518
In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server...
UBUNTU-CVE-2025-59518
In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server...
CVE-2025-59518
In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server...
CVE-2025-59518
CVE-2025-59518 affects LemonLDAP::NG versions prior to 2.16.7 and 2.17 through 2.21 before 2.21.3, where the Safe jail can be exploited for OS command injection. The root cause is that Safe jail rules are not localized during evaluation, allowing an administrator who edits a rule to execute comma...
LemonLDAP::NG Operating System Command Injection Vulnerability
LemonLDAP::NG is an open source suite of Web single sign-on and access management software. An operating system command injection vulnerability exists in LemonLDAP::NG versions prior to 2.16.7 and 2.17 through 2.21.3, which stems from Safe jail not being localized during rule...
CVE-2025-59518
In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server...
CVE-2025-59518
In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail. It does not Localize during rule evaluation. Thus, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server...
PT-2025-38108
Name of the Vulnerable Software and Affected Versions: LemonLDAP::NG versions prior to 2.16.7; LemonLDAP::NG versions 2.17 through 2.21 before 2.21.3. Description: LemonLDAP::NG is susceptible to OS command injection within the Safe jail. The software fails to localize the underscore character duri...