Vulnerabilities > Apache > Directory Studio
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-26 | CVE-2021-33900 | Cleartext Transmission of Sensitive Information vulnerability in Apache Directory Studio While investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism (DIGEST-MD5, GSSAPI) was used. | 7.5 |
| 2016-04-11 | CVE-2015-5349 | Command Injection vulnerability in Apache Directory Studio and Ldap Studio The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet. | 7.8 |