mod_ldap vulnerabilities

Known vulnerabilities in the mod_ldap package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Improper Encoding or Escaping of Output	*
M Improper Input Validation	*
L HTTP Response Splitting	*
M Improper Input Validation	*
M Out-of-bounds Read	*
M HTTP Response Splitting	*
H HTTP Response Splitting	<0:2.4.6-98.el7_9.7
M HTTP Response Splitting	*
M HTTP Request Smuggling	*
M Out-of-bounds Read	*
M Insufficient Verification of Data Authenticity	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
L Integer Overflow or Wraparound	*
L Integer Overflow or Wraparound	*
M HTTP Request Smuggling	*
M Integer Overflow or Wraparound	*
M Improper Initialization	*
H HTTP Request Smuggling	<0:2.4.6-97.el7_9.5
M Integer Overflow or Wraparound	*
H Resource Exhaustion	<0:2.4.6-97.el7_9.4
H Server-Side Request Forgery (SSRF)	<0:2.4.6-97.el7_9.1
H Out-of-bounds Write	<0:2.4.6-97.el7_9.4
M Out-of-bounds Read	*
H NULL Pointer Dereference	<0:2.4.6-97.el7_9.4
M NULL Pointer Dereference	*
M Improper Input Validation	<0:2.4.6-95.el7
M Insufficient Session Expiration	<0:2.4.6-93.el7
H Heap-based Buffer Overflow	<0:2.4.6-67.el7_4.2
M Use After Free	<0:2.4.6-67.el7_4.5
H Missing Initialization of a Variable	<0:2.4.6-67.el7_4.2
H Out-of-bounds Read	<0:2.4.6-67.el7_4.2
H Improper Authentication	<0:2.4.6-67.el7_4.2
H NULL Pointer Dereference	<0:2.4.6-67.el7_4.2
M Improper Input Validation	<0:2.4.6-45.el7_3.4
M Improper Input Validation	<0:2.4.6-45.el7_3.4
M Improper Authentication	<0:2.4.6-45.el7_3.4
M Open Redirect	<0:2.4.6-95.el7
H Improper Input Validation	<0:2.4.6-40.el7_2.4
M Improper Authentication	<0:2.4.6-31.el7_1.1
M Encoding Error	<0:2.4.6-31.el7_1.1
L NULL Pointer Dereference	<0:2.4.6-31.el7
L Improper Authentication	<0:2.4.6-31.el7
H Resource Management Errors	<0:2.4.6-18.el7_0
H Improper Synchronization	<0:2.4.6-18.el7_0
H Resource Exhaustion	<0:2.4.6-18.el7_0
H Improper Input Validation	<0:2.4.6-18.el7_0
H NULL Pointer Dereference	<0:2.4.6-18.el7_0
M Insufficient Verification of Data Authenticity	<0:2.4.6-40.el7
M Missing Initialization of a Variable	<0:2.4.6-95.el7
M Open Redirect	<0:2.4.6-95.el7
M Improper Access Control	<0:2.4.6-90.el7
M Path Equivalence	<0:2.4.6-90.el7
M Out-of-bounds Read	<0:2.4.6-95.el7
L Authentication Bypass by Primary Weakness	<0:2.4.6-89.el7_6.1
M Out-of-bounds Read	<0:2.4.6-93.el7
L Cross-site Scripting (XSS)	*
M Out-of-bounds Write	<0:2.4.6-95.el7
M Out-of-bounds Write	<0:2.4.6-93.el7
M Improper Input Validation	*
H Out-of-Bounds	<0:2.4.6-97.el7_9.4
M NULL Pointer Dereference	*
M HTTP Response Splitting	<0:2.4.6-45.el7_3.4
L Out-of-Bounds	*
M Improper Authentication	*
L Access Restriction Bypass	*

Vulnerability

Vulnerable Version

Improper Encoding or Escaping of Output