4 matches found
CVE-2021-35473
creationtimestamp| type| source ---|---|--- 2024-11-10 22:32:18+00:00| seen| https://infosec.exchange/users/cve/statuses/113461030972663623 2024-11-11 01:02:40+00:00| seen| https://t.me/cvedetector/10441...
CVE-2021-35473
An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4...
CVE-2021-35473
An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4...
CVE-2021-35473
An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4...