RubyGems package
net-ldap
pkg:gem/net-ldap
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-0083 | — | < 0.16.2 | 0.16.2 | Nov 21, 2019 | The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords. | ||
| CVE-2017-17718 | Med | 5.9 | < 0.16.0 | 0.16.0 | Dec 17, 2017 | The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation. |
- CVE-2014-0083Nov 21, 2019affected < 0.16.2fixed 0.16.2
The Ruby net-ldap gem before 0.11 uses a weak salt when generating SSHA passwords.
- affected < 0.16.0fixed 0.16.0
The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation.