
59 matches found

Github Security Blog
added 2026/04/14 9:31 p.m., 5 views

OpenStack Keystone: LDAP identity backend does not convert enabled attribute to boolean

In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The _ldap_res_to_model method in the UserApi class only performed string-to-boolean conversion when...

CVSS 7.7 | AI score 5.8 | EPSS 0.00025
Exploits 0 | References 6 | Affected Software 1
OSV
added 2026/04/14 8:16 p.m., 2 views

DEBIAN-CVE-2026-40683

In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The _ldap_res_to_model method in the UserApi class only performed string-to-boolean conversion when...

CVSS 7.7 | AI score 5.3 | EPSS 0.00025
Exploits 0 | References 1
ATTACKERKB
added 2026/04/14 8:05 p.m., 1 view

CVE-2026-40683

In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The _ldap_res_to_model method in the UserApi class only performed string-to-boolean conversion when...

CVSS 7.7 | AI score 5.8 | EPSS 0.00025
Exploits 0 | References 5 | Affected Software 1
Positive Technologies
added 2026/04/14 12:00 a.m., 3 views

PT-2026-32909

In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration option is False (the default). The _ldap_res_to_model method in the UserApi class only performed string-to-boolean conversion when user...

CVSS 7.7 | AI score 5.8 | EPSS 0.00025
Exploits 0 | References 7
Tenable Nessus
added 2026/01/14 12:00 a.m., 3 views

MiracleLinux 4 : krb5-1.9-22.AXS4.1 (AXSA:2012-29:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-29:01 advisory. Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of...

CVSS 7.8 | AI score 7 | EPSS 0.05459
Exploits 0 | References 5
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2017-18213

Malware in sbrugna...

CVSS 7.5 | AI score 6.1 | EPSS 0.00376
Exploits 0 | References 4
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-12604

Malware in sbrugna...

CVSS 4.3 | AI score 4.7 | EPSS 0.00233
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-8060

Malware in sbrugna...

CVSS 7.5 | AI score 7.5 | EPSS 0.00449
Exploits 1 | References 4
RedhatCVE
added 2025/02/14 4:45 a.m., 5 views

CVE-2024-36070

tine before 2023.11.8, when an LDAP backend is used, allows anonymous remote attackers to obtain sensitive authentication information via setup.php because of getRegistryData in Setup/Frontend/Json.php. An update is also available for the 2022.11 series...

CVSS 7.5 | AI score 6.7 | EPSS 0.00272
Exploits 0 | References 1
OSV
added 2024/05/19 7:15 p.m., 14 views

CVE-2024-36070

tine before 2023.11.8, when an LDAP backend is used, allows anonymous remote attackers to obtain sensitive authentication information via setup.php because of getRegistryData in Setup/Frontend/Json.php. An update is also available for the 2022.11 series...

CVSS 7.5 | AI score 6.8
Exploits 0 | References 2
Vulnrichment
added 2024/05/19 6:48 p.m., 7 views

CVE-2024-36070

tine before 2023.11.8, when an LDAP backend is used, allows anonymous remote attackers to obtain sensitive authentication information via setup.php because of getRegistryData in Setup/Frontend/Json.php. An update is also available for the 2022.11 series...

AI score 6.8 | EPSS 0.00272
Exploits 0 | References 2
OSV
added 2024/04/22 3:52 p.m., 11 views

GHSA-X883-2VMG-XWF7 Authelia's Group Changes may not have the expected results (YAML file backend)

Impact: Under very specific conditions, changes to a user's groups may not have the expected results. The specific conditions are: the file authentication backend is being used; the watch option is set to true; the refresh_interval is configured to a non-disabled value; the user's groups are adjusted ...

CVSS 1.6 | AI score 7.3
Exploits 0 | References 3
Tenable Nessus
added 2024/04/21 12:00 a.m., 27 views

RHEL 6 : openstack-keystone (RHSA-2013:0994)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0994 advisory. The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token,...

CVSS 4.3 | AI score 5.5 | EPSS 0.00212
Exploits 0 | References 4
RedHat Linux
added 2024/04/15 1:53 a.m., 51 views

Important: Red Hat Security Advisory: bind and bind-dyndb-ldap security updates

Updates for bind and bind-dyndb-ldap are now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...

CVSS 7.5 | AI score 7 | EPSS 0.43701
Exploits 1 | References 7
Veracode
added 2023/02/23 3:21 a.m., 32 views

LDAP Injection

ldap-backend is vulnerable to LDAP Injection. The vulnerability exists because the doGetIdentity function in LdapIdentityBackend.java does not properly filter the object class, allowing an attacker to inject and execute malicious LDAP queries through the principalName parameter...

CVSS 9.8 | AI score 9 | EPSS 0.00213
Exploits 0 | References 3 | Affected Software 1
vulnersOsv
added 2023/02/20 6:30 p.m., 1 view

org.apache.kerby:kerby-kdc-test (>=1.0.0-RC1 <=1.0.0-RC2) potentially affected by CVE-2023-25613 via org.apache.kerby:ldap-backend (>=1.0.0-RC1 <=1.0.0-RC2)

org.apache.kerby:ldap-backend MAVEN version =1.0.0-RC1, =1.0.0-RC1, =1.0.0-RC2 Source cves: CVE-2023-25613 Source advisory: OSV:GHSA-337F-XR2X-6FCF...

CVSS 9.8 | AI score 7.2 | EPSS 0.00213
Exploits 0
SUSE CVE
added 2023/02/15 5:55 a.m., 2 views

SUSE CVE-2011-0281

The unparse implementation in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (file descriptor exhaustion and daemon hang) via a principal name that triggers use of a backslash escape...

CVSS 5 | AI score 6.8 | EPSS 0.10754
Exploits 0 | References 5
SUSE CVE
added 2023/02/15 5:55 a.m., 2 views

SUSE CVE-2011-0282

The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.6.x through 1.9, when an LDAP backend is used, allows remote attackers to cause a denial of service (NULL pointer dereference or buffer over-read, and daemon crash) via a crafted principal name...

CVSS 5 | AI score 6.9 | EPSS 0.09562
Exploits 0 | References 5
SUSE CVE
added 2023/02/15 5:53 a.m., 1 view

SUSE CVE-2011-1527

The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, relate...

CVSS 7.8 | AI score 6.8 | EPSS 0.02618
Exploits 0 | References 4
Vulnrichment
added 2023/01/27 12:00 a.m., 4 views

CVE-2020-36659

In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. NOTE: this can, for example, be fixed in conjunction with the CVE-2020-160...

AI score 8.3 | EPSS 0.00309
Exploits 0 | References 2