flask-ldapconn@0.6.8 vulnerabilities

Pure python, LDAP connection and ORM for Flask Applications

Direct Vulnerabilities

Known vulnerabilities in the flask-ldapconn package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Improper Access Control

Flask-LDAPConn is a Pure python, LDAP connection and ORM for Flask Applications

Affected versions of this package are vulnerable to Improper Access Control allowing authentication without a password if LDAP_SECRET was not configured, due to anonymous binds succeeding by default.

How to fix Improper Access Control?

Upgrade Flask-LDAPConn to version 0.10.1 or higher.

[,0.10.1)