org.apache.karaf.jaas:org.apache.karaf.jaas.modules@2.4.0 vulnerabilities
-
latest version
4.4.6
-
latest non vulnerable version
-
first published
14 years ago
-
latest version published
7 months ago
-
licenses detected
- [2.0.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.karaf.jaas:org.apache.karaf.jaas.modules package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.karaf.jaas:org.apache.karaf.jaas.modules is a bundle that provides JAAS modules which can be used in Karaf (LDAP, JDBC, etc). Affected versions of this package are vulnerable to LDAP Injection when the How to fix LDAP Injection? Upgrade |
[,4.3.8)
[4.4.0,4.4.2)
|
org.apache.karaf.jaas:org.apache.karaf.jaas.modules is a bundle that provides JAAS modules which can be used in Karaf (LDAP, JDBC, etc). Affected versions of this package are vulnerable to LDAP injection. It uses the While it appears that it not possible to exploit this vulnerability to allow an attacker to gain remote access, it allows an attacker to insert special characters into the search query step. Therefore, it can potentially be exploited as part of a Denial Of Service attack. How to fix LDAP injection? Upgrade |
[,4.0.8)
|