27 matches found
[SECURITY] Fedora 42 Update: lemonldap-ng-2.22.3-1.fc42
LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space as...
Malicious code in epic-web-sso (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca9cc4b03dd8e76dfd584ab0477d0b2e3f590d5721151c414300238aa73753e3 The package epic-web-sso was found to contain malicious code...
MAL-2025-49217 Malicious code in epic-web-sso (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ca9cc4b03dd8e76dfd584ab0477d0b2e3f590d5721151c414300238aa73753e3 The package epic-web-sso was found to contain malicious code...
EUVD-2025-37076
Malicious code in epic-web-sso npm...
EUVD-2018-12132
Malware in sbrugna...
EUVD-2022-2089
Malicious code in bioql PyPI...
[SECURITY] Fedora 41 Update: lemonldap-ng-2.20.2-1.fc41
LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space as...
[SECURITY] Fedora 41 Update: lemonldap-ng-2.20.1-1.fc41
LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space as...
[SECURITY] Fedora 39 Update: lemonldap-ng-2.20.1-1.fc39
LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space as...
[SECURITY] Fedora 40 Update: lemonldap-ng-2.20.1-1.fc40
LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space as...
Debian: Security Advisory (DSA-4943-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4943-1] lemonldap-ng security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4943-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4943-1] lemonldap-ng security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4943-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 23, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4533-1] lemonldap-ng security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4533-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 25, 2019 https://www.debian.org/security/faq -...
Debian DSA-4446-1 : lemonldap-ng - security update
It was discovered that the Lemonldap::NG web SSO system performed insufficient validation of session tokens if the 'tokenUseGlobalStorage'option is enabled, which could grant users with access to the main session database access to an anonymous session. C Tenable Network Security, Inc. The...
Security Bulletin: Information disclosure in WebSphere Application Server Liberty (CVE-2018-1553)
Summary There is an information disclosure in WebSphere Application Server Liberty using the SAML Web SSO feature. Vulnerability Details CVEID: CVE-2018-1553 DESCRIPTION: IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by mishandling ...
Security Bulletin: Information disclosure in WebSphere Application Server Liberty affect IBM Operations Analytics - Log Analysis (CVE-2018-1553)
Summary IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by mishandling of exceptions by the SAML Web SSO feature. Vulnerability Details CVEID: CVE-2018-1553 DESCRIPTION: IBM WebSphere Application Server Liberty could allow a remote...
Security Bulletin: Rational Asset Analyzer (RAA) is affected by a WAS Liberty vulnerability
Summary Rational Asset Analyzer RAA has addressed the following vulnerability: IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by mishandling of exceptions by the SAML Web SSO feature. Vulnerability Details CVEID: CVE-2018-1553...
Security Bulletin: Information disclosure in Liberty for Java for IBM Cloud (CVE-2018-1553)
Summary There is an information disclosure in WebSphere Application Server Liberty using the SAML Web SSO feature. Vulnerability Details CVEID: CVE-2018-1553 DESCRIPTION: IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by mishandling ...
Security Bulletin: Information disclosure of stack trace in browser window in WebSphere Application Server LIBERTY affect IBM Spectrum LSF Application Center
Summary Information disclosure of stack trace in browser window in WebSphere Application Server LIBERTY Vulnerability Details CVEID: CVE-2018-1553 DESCRIPTION: IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by mishandling of exceptio...