DSA-4943-1 lemonldap-ng -- lemonldap-ngID: oval:org.secpod.oval:def:605582 | Date: (C)2021-07-26 (M)2021-11-04 |
Class: PATCH | Family: unix |
Several vulnerabilities were discovered in lemonldap-ng, a Web-SSO system. The flaws could result in information disclosure, authentication bypass, or could allow an attacker to increase its authentication level or impersonate another user, especially when lemonldap-ng is configured to increase authentication level for users authenticated via a second factor.
Product: |
liblemonldap-ng-handler-perl |
liblemonldap-ng-manager-perl |
lemonldap-ng |
liblemonldap-ng-portal-perl |
liblemonldap-ng-common-perl |