Lucene search
+L

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 5:36 p.m.7 views

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

8.1CVSS6.5AI score0.00671EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/01/25 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-6596-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.2AI score0.00441EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.24 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Apache::Session::LDAP vulnerability (USN-6596-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6596-1 advisory. It was discovered that Apache::Session::LDAP incorrectly handled invalid X.509 certificates. If a user or an automated system were tricked...

8.1CVSS7.7AI score0.00441EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/31 12:0 a.m.25 views

Debian dla-3284 : libapache-session-ldap-perl - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3284 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3284-1 [email protected]...

8.1CVSS7.4AI score0.00671EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2023/01/29 12:0 a.m.34 views

Debian: Security Advisory (DLA-3284-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.8AI score0.00671EPSS
Exploits1References4
NVD
NVD
added 2023/01/27 5:15 a.m.31 views

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

8.1CVSS7.7AI score0.00441EPSS
Exploits0References2
CVE
CVE
added 2023/01/27 12:0 a.m.93 views

CVE-2020-36658

CVE-2020-36658 affects Apache::Session::LDAP prior to 0.5, where validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends because the Net::LDAPS Perl module default is used. This can enable spoofing or exposure of sensitive information if an attacker tri...

8.1CVSS7.5AI score0.00441EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2023/01/27 12:0 a.m.49 views

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

8.1CVSS7.1AI score0.00441EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/01/27 12:0 a.m.6 views

CVE-2020-36658

In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-16093 fix...

7.9AI score0.00441EPSS
Exploits0References2
Rows per page
Query Builder