Information on source package lemonldap-ng

Available versions

buster (security)2.0.2+ds-7+deb10u6

Open issues

CVE-2022-37186vulnerable (no DSA)fixedfixedfixedSession destroyed on portal but still valid on handlers
CVE-2020-16093vulnerable (no DSA)fixedfixedfixedIn LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.5 ...

Resolved issues

CVE-2021-40874An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. Wh ...
CVE-2021-35473Access token lifetime is not verified with OAuth2 Handler
CVE-2021-35472An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache ...
CVE-2020-24660An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is ...
CVE-2019-19791Apache access rules and SOAP/REST endpoints issue
CVE-2019-15941OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an ...
CVE-2019-13031LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue whe ...
CVE-2019-12046LemonLDAP::NG -2.0.3 has Incorrect Access Control. ...
CVE-2012-6426LemonLDAP::NG before 1.2.3 does not use the signature-verification cap ...

Security announcements

DSA / DLADescription
DSA-4943-1lemonldap-ng - security update
DSA-4762-1lemonldap-ng - security update
DLA-2367-1lemonldap-ng - security update
DSA-4533-1lemonldap-ng - security update
DLA-1844-1lemonldap-ng - security update
DLA-1790-1lemonldap-ng - security update
DSA-4446-1lemonldap-ng - security update

Search for package or bug name: Reporting problems