Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|
CVE-2023-44469 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | A Server-Side Request Forgery issue in the OpenID Connect Issuer in Le ... |
CVE-2023-28862 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in LemonLDAP::NG before 2.16.1. Weak session I ... |
CVE-2022-37186 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | In LemonLDAP::NG before 2.0.15. some sessions are not deleted when the ... |
CVE-2021-40874 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in LemonLDAP::NG (aka lemonldap-ng) 2.0.13. Wh ... |
CVE-2021-35473 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | Access token lifetime is not verified with OAuth2 Handler |
CVE-2021-35472 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache ... |
CVE-2020-24660 | vulnerable | fixed | fixed | fixed | fixed | fixed | fixed | An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is ... |
CVE-2020-16093 | vulnerable | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.5 ... |
CVE-2019-19791 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In LemonLDAP::NG (aka lemonldap-ng) before 2.0.7, the default Apache H ... |
CVE-2019-15941 | fixed | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | fixed | OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an ... |