Low severity3.1NVD Advisory· Published Jun 1, 2021· Updated Jun 17, 2026
CVE-2021-32651
CVE-2021-32651
Description
OneDev is a development operations platform. If the LDAP external authentication mechanism is enabled in OneDev versions 4.4.1 and prior, an attacker can manipulate a user search filter to send forged queries to the application and explore the LDAP tree using Blind LDAP Injection techniques. The specific payload depends on how the User Search Filter property is configured in OneDev. This issue was fixed in version 4.4.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
2- github.com/theonedev/onedev/commit/4440f0c57e440488d7e653417b2547eaae8ad19cnvdPatchThird Party Advisory
- github.com/theonedev/onedev/security/advisories/GHSA-5864-2496-4xjfnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.