6 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-12804
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of...
Fedora 43 : lemonldap-ng (2025-27d58d0125)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-27d58d0125 advisory. See https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-21-3-is-out/ Tenable has extracted the preceding description block directly from the Fedora...
Fedora 41 : lemonldap-ng (2025-3aa9a75a72)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-3aa9a75a72 advisory. - SecurityCVE-2024-52948 CSRF on 2FA registration - Security Open redirect vulnerability in logout Tenable has extracted the preceding description block...
Fedora 39 : lemonldap-ng (2024-d0a6c4ac13)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-d0a6c4ac13 advisory. Update to lemonldap-ng 2.20.1: - Security Adaptative Authentication Rules triggered by Refresh my rights - Security XSS in upgradeSession / forceUpgrade page...
Fedora 40 : lemonldap-ng (2024-e457192aa2)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-e457192aa2 advisory. Update to lemonldap-ng 2.20.1: - Security Adaptative Authentication Rules triggered by Refresh my rights - Security XSS in upgradeSession / forceUpgrade page...
CVE-2012-6426
LemonLDAP::NG before 1.2.3 does not use the signature-verification capability of the Lasso library, which allows remote attackers to bypass intended access-control restrictions via crafted SAML data...