24 matches found
EUVD-2018-0745
Malware in sbrugna...
EUVD-2016-7419
Malware in sbrugna...
EUVD-2022-3657
Malicious code in bioql PyPI...
libldb security, bug fix, and enhancement update
An update is available for libldb. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libldb packages provide an extensible library that implements an LDAP-like...
Security Bulletin: IBM Security Verify Information Queue uses Apache LDAP API with a known vulnerability (CVE-2018-1337)
Summary IBM Security Verify Information Queue ISIQ v10.0.2 uses an older version of the Apache Directory LDAP API that is vulnerable to leaking sensitive information. ISIQ v10.0.3 upgraded to a newer Apache LDAP API that does not have the vulnerability. Vulnerability Details CVEID: CVE-2018-1337...
Exposure of Sensitive Information to an Unauthorized Actor in Apache Directory LDAP API
Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors...
[SECURITY] Fedora 32 Update: libldb-2.1.5-1.fc32
An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases...
Fedora: Security Advisory for libldb (FEDORA-2021-1a8e93a285)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 31 Update: libldb-2.0.10-1.fc31
An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases...
[SECURITY] Fedora 31 Update: libldb-2.0.7-1.fc31
An extensible library that implements an LDAP like API to access remote LDAP servers, or use local tdb databases...
GHSA-CFW5-V7CW-69CW Credential leak in org.apache.directory.api:apache-ldap-api
In Apache LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contain...
Credential leak in org.apache.directory.api:apache-ldap-api
In Apache LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contain...
Apache LDAP API Information Disclosure Vulnerability
Apache LDAP API is a U.S. Apache Apache Software Foundation API for accessing LDAP servers. A security vulnerability exists in Apache LDAP API versions prior to 1.0.2. An attacker can exploit the vulnerability to disclose information including: credentials contained in a request...
Information Disclosure Through Race Condition
apache-ldap-api is vulnerable to information disclosure through a race condition. The vulnerability exists as it is possible for another thread to use the connection before it is secured by TLS, caused by the weak setup of SSL Filter. This could potentially expose sensitive information such as...
Server side request forgery (ssrf)
In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any informati...
CVE-2018-1337
In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any informati...
CVE-2018-1337
CVE-2018-1337 affects Apache Directory LDAP API prior to 1.0.2. Root cause: a flaw in the SSL Filter setup allows a thread to reuse a connection before TLS is established, potentially leaking data from a request (including credentials from BIND) when a connection is pulled from the pool. Impact: ...
CVE-2018-1337
In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any informati...
CVE-2015-3250
Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors...
DEBIAN-CVE-2015-3250
Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors...