CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification to the notification server. By default, the notification server is not enabled and has a "deny all" rule.

Product Status

Learn more

Information not provided

References 3 Total

https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1820
external site
lists.debian.org: [debian-lts-announce] 20190704 [SECURITY] [DLA 1844-1] lemonldap-ng security update
external site
mailing-list
https://www.calypt.com/blog/index.php/cve-2019-13031-xxe-on-lemonldapng-2-0-5/
external site

Updated: 2024-08-04

This container includes required additional information provided by the CVE Program for this vulnerability.

References 3 Total

https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1820
external site
x_transferred
lists.debian.org: [debian-lts-announce] 20190704 [SECURITY] [DLA 1844-1] lemonldap-ng security update
external site
mailing-listx_transferred
https://www.calypt.com/blog/index.php/cve-2019-13031-xxe-on-lemonldapng-2-0-5/
external site
x_transferred

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: MITRE Corporation

Description

Product Status

References 3 Total

CVE Program

References 3 Total