Directory Studio Apache Directory Studio

Do you want an email whenever new security vulnerabilities are reported in Apache Directory Studio?

By the Year

In 2024 there have been 0 vulnerabilities in Apache Directory Studio . Directory Studio did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 1 7.50
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Directory Studio vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Apache Directory Studio Security Vulnerabilities

While investigating DIRSTUDIO-1219 it was noticed

CVE-2021-33900 7.5 - High - July 26, 2021

While investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism (DIGEST-MD5, GSSAPI) was used. While investigating DIRSTUDIO-1220 it was noticed that any configured SASL confidentiality layer was not applied. This issue affects Apache Directory Studio version 2.0.0.v20210213-M16 and prior versions.

Cleartext Transmission of Sensitive Information

The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry

CVE-2015-5349 7.8 - High - April 11, 2016

The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet.

Command Injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Apache Directory Studio or by Apache? Click the Watch button to subscribe.

Apache
Vendor

subscribe