Vulnerabilities > Apache > Directory Studio

DATE CVE VULNERABILITY TITLE RISK
2021-07-26 CVE-2021-33900 Cleartext Transmission of Sensitive Information vulnerability in Apache Directory Studio
While investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism (DIGEST-MD5, GSSAPI) was used.
network
low complexity
apache CWE-319
7.5
2016-04-11 CVE-2015-5349 Command Injection vulnerability in Apache Directory Studio and Ldap Studio
The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet.
local
low complexity
apache CWE-77
7.8