Description
An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Apache Software Foundation | Apache Kerby LDAP Backend | unaffected |
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 Github GHSA |
GHSA-337f-xr2x-6fcf | Apache Kerby LdapIdentityBackend LDAP Injection vulnerability |
References
History
Mon, 11 Aug 2025 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Apache kerby Ldap Backend
|
|
| CPEs | cpe:2.3:a:apache:kerby_ldap_backend:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Apache identity Backend
|
Apache kerby Ldap Backend
|
Sun, 13 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
MITRE
Status: PUBLISHED
Assigner: apache
Published:
Updated: 2024-08-02T11:25:19.226Z
Reserved: 2023-02-09T09:47:41.424Z
Link: CVE-2023-25613
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-02-20T16:15:10.677
Modified: 2025-08-11T14:24:58.983
Link: CVE-2023-25613
Redhat
OpenCVE Enrichment
No data.
Weaknesses