CVE-2026-35563

The CVE-2026-35563 concerns the Apache Directory LDAP API LDAP client (v2.1.7) failing to verify that the server certificate matches the intended LDAP hostname. Root cause: incomplete TLS server identity verification. Impact: potential server impersonation and complete connection compromise over ...

The vulnerability of the LDAP URL parser component in the Apache Directory LDAP API software allows a malicious actor to cause service failure.

The vulnerability of the LDAP URL parser component in Apache Directory LDAP API is related to the lack of control over the data entered by users. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

ch.cern.hadoop:hadoop-minikdc (>=2.7.4.0 <=2.7.5.1), com.alibaba.lindorm:lindorm-search-test-framework (>=8.10.1.3 <=8.10.2) +117 more potentially affected by CVE-2015-3250 via org.apache.directory.api:api-ldap-model (>=1.0.0-M14 <=1.0.0-M30)

org.apache.directory.api:api-ldap-model MAVEN version =1.0.0-M14, =2.7.4.0, =8.10.1.3, =2.0.0-beta1, =1.0.3, =1.0.3, =1.0.3, =0.1.1, =0.1.1, =0.3.0, =0.3.0, =0.4.0, =0.4.0, =1.8.0, =1.9.3 and more Source cves: CVE-2015-3250 Source advisory: OSV:GHSA-CX3Q-CV6W-MX4H...