VYPR

rpm package

almalinux/idm-tomcatjss

pkg:rpm/almalinux/idm-tomcatjss

Vulnerabilities (1)

  • CVE-2023-4727HigJun 11, 2024
    affected < 7.8.0-1.module_el8.10.0+3801+17b19a60fixed 7.8.0-1.module_el8.10.0+3801+17b19a60

    A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with a LDAP injection. By passing the query string parameter sessionID=*, an attacker can authenticate with an existing session saved in the LDAP directory server, which may lead to escal