Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:36 p.m.7 views

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

8.1CVSS6.5AI score0.00559EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.24 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Apache::Session::LDAP vulnerability (USN-6596-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6596-1 advisory. It was discovered that Apache::Session::LDAP incorrectly handled invalid X.509 certificates. If a user or an automated system were tricked...

8.1CVSS7.7AI score0.00441EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/31 12:0 a.m.25 views

Debian dla-3284 : libapache-session-ldap-perl - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3284 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3284-1 [email protected]...

8.1CVSS7.4AI score0.00559EPSS
Exploits1References6
Debian
Debian
added 2023/01/28 12:7 p.m.49 views

[SECURITY] [DLA 3284-1] libapache-session-ldap-perl security update

Debian LTS Advisory DLA-3284-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin January 28, 2023 https://wiki.debian.org/LTS Package : libapache-session-ldap-perl Version : 0.4-1+deb10u1 CVE ID : CVE-2020-36658 In Apache::Session::LDAP before 0.5, validity of the...

8.1CVSS7.1AI score0.00559EPSS
Exploits1
OSV
OSV
added 2023/01/27 5:15 a.m.2 views

DEBIAN-CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

8.1CVSS7.5AI score0.00441EPSS
Exploits0References1
Prion
Prion
added 2023/01/27 5:15 a.m.26 views

Design/Logic Flaw

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

5.1CVSS7.6AI score0.00559EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/27 12:0 a.m.6 views

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

7.9AI score0.00441EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2023/01/27 12:0 a.m.48 views

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

8.1CVSS7.1AI score0.00441EPSS
Exploits0References3
Rows per page
Query Builder