36 matches found
Fedora 43 : perl-Apache-Session-Browseable (2026-e8ef64b8d3)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e8ef64b8d3 advisory. This update has improvements to generate more secure session IDs CVE-2026-8503. Tenable has extracted the preceding description block directly from the Fedor...
[SECURITY] Fedora 43 Update: perl-Apache-Session-Browseable-1.3.19-1.fc43
A virtual Apache::Session back-end providing some class methods to manipulate all sessions and add the capability to index some fields to make re-search faster...
Linux Distros Unpatched Vulnerability : CVE-2020-25626
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properl...
Linux Distros Unpatched Vulnerability : CVE-2020-36659
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the...
CVE-2020-36659
In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...
CVE-2019-9428
In the Framework, it is possible to set up BROWSEABLE intents to take over certain URLs. This could lead to remote information disclosure of sensitive URLs with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID:...
SUSE CVE-2020-25626
A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious tags, leadin...
Debian dla-3285 : libapache-session-browseable-perl - security update
The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3285 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3285-1 [email protected]...
Debian: Security Advisory (DLA-3285-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DLA-3285-1 libapache-session-browseable-perl - security update
Bulletin has no description...
CVE-2020-36659
In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...
CVE-2020-36659
In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...
Design/Logic Flaw
In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...
Apache::Session::Browseable 信任管理问题漏洞
Apache::Session::Browseable is an Apache::Session implementation that allows indexes to be defined to speed up searches. A security vulnerability exists in Apache::Session::Browseable versions prior to 1.3.6 that stems from not checking the validity of X.509 certificates...
CVE-2020-36659
In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...
CVE-2020-36659
In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...
CVE-2020-36659
In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...
CVE-2020-36659
CVE-2020-36659 affects Apache::Session::Browseable (before 1.3.6) where X.509 certificate validation is not enforced by default for remote LDAP backends due to Net::LDAPS default config. This vulnerability is tied to LemonLDAP::NG and its Apache::Session dependencies; Debian and OpenVAS advisorie...
PT-2023-11827 · Unknown · Net::Ldaps +1
Name of the Vulnerable Software and Affected Versions: Apache::Session::Browseable versions prior to 1.3.6 Description: The issue concerns the validity check of the X.509 certificate when connecting to remote LDAP backends. By default, the validity of the X.509 certificate is not checked due to t...
GHSA-FX83-3PH3-9J2Q Cross-site Scripting (XSS) in Django REST Framework
A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. When using the browseable API viewer, Django REST Framework fails to properly escape certain strings that can come from user input. This allows a user who can control those strings to inject malicious tags, leadin...