Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe
Filtered by product Directory Studio
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-33900 1 Apache 1 Directory Studio 2024-11-21 5.0 MEDIUM 7.5 HIGH
While investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism (DIGEST-MD5, GSSAPI) was used. While investigating DIRSTUDIO-1220 it was noticed that any configured SASL confidentiality layer was not applied. This issue affects Apache Directory Studio version 2.0.0.v20210213-M16 and prior versions.
CVE-2015-5349 1 Apache 2 Directory Studio, Ldap Studio 2024-11-21 9.3 HIGH 7.8 HIGH
The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet.