1 results (0.002 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-6497
https://notcve.org/view.php?id=CVE-2016-6497
18 Jan 2017 — main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP API in Apache allows attackers to conduct LDAP entry poisoning attacks by leveraging setting returnObjFlag to true for all search methods. main/java/org/apache/directory/groovyldap/LDAP.java en la API Groovy LDAP en Apache permite que los atacantes lleven a cabo ataques de envenenamiento de entradas LDAP aprovechando la configuración de returnObjFlag como "true" para todos los métodos de búsqueda. • http://svn.apache.org/viewvc/directory/sandbox/szoerner/groovyldap/src/main/java/org/apache/directory/groovyldap/LDAP.java?r1=1765362&r2=1765361&pathrev=1765362&view=patch • CWE-254: 7PK - Security Features •