CVE-2020-5281

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-5281
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-5281.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-5281
Related
  • GHSA-gj88-9q3f-72m3
Published
2020-03-25T18:15:14.343Z
Modified
2026-03-13T22:15:26.835793Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

In Perun before version 3.9.1, VO or group manager can modify configuration of the LDAP extSource to retrieve all from Perun LDAP. Issue is fixed in version 3.9.1 by sanitisation of the input.

References

Affected packages

Git / github.com/cesnet/perun

Affected ranges

Type
GIT
Repo
https://github.com/cesnet/perun
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
e9ecab694b727589bbb673f1dc5c266921593d4d
Fixed
ac527bc3225a64208ee5cee59e5918ee360ca039
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.9.1"
        }
    ]
}

Affected versions

v3.*
v3.9.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-5281.json"