Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-15941

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request...

9.8CVSS8.1AI score0.02197EPSS
Exploits0References2
Debian
Debian
added 2019/09/25 8:37 p.m.30 views

[SECURITY] [DSA 4533-1] lemonldap-ng security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4533-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 25, 2019 https://www.debian.org/security/faq -...

9.8CVSS9.6AI score0.02197EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2019/09/25 8:15 p.m.14 views

CVE-2019-15941

OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access control rules via a crafted OpenID Connect authorization request. To be vulnerable, there must exist an OIDC Relaying party within the LemonLDAP configuration with weaker access control rules than the...

9.8CVSS7.2AI score0.02197EPSS
Exploits0References1
CVE
CVE
added 2019/09/25 7:39 p.m.73 views

CVE-2019-15941

OpenID Connect Issuer in LemonLDAP::NG 2.x up to 2.0.5 can bypass access control via a crafted OIDC authorization request when there is a weaker relaying party and no redirection URI filtering. Affected components: LemonLDAP::NG (OpenID Connect issuer) in 2.x up to 2.0.5. Root cause: misconfigure...

9.8CVSS9AI score0.02197EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder