mod_ldap24 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the mod_ldap24 package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Cross-site Scripting (XSS)	<0:2.4.6-56.ep7.el7
M Insufficient Verification of Data Authenticity	*
M Allocation of Resources Without Limits or Throttling	*
L Information Exposure	*
M Allocation of Resources Without Limits or Throttling	*
L Integer Overflow or Wraparound	*
L Integer Overflow or Wraparound	*
M HTTP Request Smuggling	*
M Improper Authentication	*
M Resource Exhaustion	*
M Use After Free	*
M Buffer Overflow	*
M Files or Directories Accessible to External Parties	<0:2.4.6-61.ep7.el7
M Authentication Bypass	<0:2.4.6-61.ep7.el7
M Improper Authentication	<0:2.4.6-61.ep7.el7
M Cross-site Request Forgery (CSRF)	<0:2.4.6-61.ep7.el7
M Allocation of Resources Without Limits or Throttling	<0:2.4.6-59.ep7.el7
M Improper Authentication	<0:2.4.6-61.ep7.el7
M Directory Traversal	<0:2.4.6-59.ep7.el7
H Improper Input Validation	<0:2.4.6-62.ep7.el7
M CVE-2015-5346	<0:2.4.6-61.ep7.el7
H Improper Input Validation	<0:2.4.6-62.ep7.el7
M Improper Authentication	*
M Encoding Error	<0:2.4.6-59.ep7.el7
M NULL Pointer Dereference	<0:2.4.6-59.ep7.el7
M Improper Authentication	<0:2.4.6-59.ep7.el7
M Out-of-bounds Read	*
L Open Redirect	*
L Cross-site Scripting (XSS)	*