Vulnerabilities > Lemonldap NG > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-27 | CVE-2020-36658 | Improper Certificate Validation vulnerability in multiple products In Apache::Session::LDAP before 0.5, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. | 8.1 |
| 2023-01-27 | CVE-2020-36659 | Improper Certificate Validation vulnerability in multiple products In Apache::Session::Browseable before 1.3.6, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. | 8.1 |
| 2022-07-18 | CVE-2020-16093 | Improper Certificate Validation vulnerability in multiple products In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::LDAPS module for Perl is used. | 7.5 |
| 2021-07-30 | CVE-2021-35472 | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products An issue was discovered in LemonLDAP::NG before 2.0.12. | 8.8 |
| 2019-06-28 | CVE-2019-13031 | XXE vulnerability in multiple products LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue when submitting a notification to the notification server. | 8.1 |