VYPR

Directory LDAP API

by Apache

Source repositories

CVEs (2)

  • CVE-2026-35563HigJun 1, 2026
    risk 0.55cvss 8.5epss 0.00

    It was identified that the LDAP client implementation in version 2.1.7 does not verify if the server certificate matches the intended LDAP hostname. While the underlying code validates the certificate chain against a trusted authority, the absence of endpoint identification …

  • CVE-2015-3250HigSep 7, 2017
    risk 0.42cvss 7.5epss 0.05

    Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors.