Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5
CVE-2016-8750
- EPSS 1.51%
- Published 19.02.2018 15:29:00
- Last modified 21.11.2024 02:59:59
Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service.
5.5
CVE-2014-0219
- EPSS 0.08%
- Published 15.11.2017 18:29:00
- Last modified 20.04.2025 01:37:25
Apache Karaf before 4.0.10 enables a shutdown port on the loopback interface, which allows local users to cause a denial of service (shutdown) by sending a shutdown command to all listening high ports.