VulnerableCode Package Details - pkg:deb/debian/fusiondirectory@1.3-4%2Bdeb11u1?distro=bullseye

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-6uq5-8b85-7qc3	Fusiondirectory 1.3 suffers from Improper Session Handling.	CVE-2022-36179
VCID-9gy1-x64d-a7d7	Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], /fusiondirectory/index.php?signout=1&message=[injection]&plug=106.	CVE-2022-36180
VCID-vppv-uve4-bqbx	Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided.	CVE-2019-11187

Vulnerability

Summary

Aliases

VCID-6uq5-8b85-7qc3

Fusiondirectory 1.3 suffers from Improper Session Handling.

CVE-2022-36179

VCID-9gy1-x64d-a7d7

Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], /fusiondirectory/index.php?signout=1&message=[injection]&plug=106.

CVE-2022-36180

VCID-vppv-uve4-bqbx

Incorrect Access Control in the LDAP class of GONICUS GOsa through 2019-04-11 allows an attacker to log into any account with a username containing the case-insensitive substring "success" when an arbitrary password is provided.

CVE-2019-11187

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:47:02.855516+00:00	Debian Importer	Fixing	VCID-9gy1-x64d-a7d7	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:50:26.871266+00:00	Debian Importer	Fixing	VCID-vppv-uve4-bqbx	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:46:09.466102+00:00	Debian Importer	Fixing	VCID-6uq5-8b85-7qc3	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:46:07.264896+00:00	Debian Importer	Fixing	VCID-9gy1-x64d-a7d7	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:34:39.943994+00:00	Debian Importer	Fixing	VCID-vppv-uve4-bqbx	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:53:26.281066+00:00	Debian Importer	Fixing	VCID-6uq5-8b85-7qc3	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:24:22.366416+00:00	Debian Importer	Fixing	VCID-9gy1-x64d-a7d7	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:24:22.352809+00:00	Debian Importer	Fixing	VCID-6uq5-8b85-7qc3	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:24:22.330973+00:00	Debian Importer	Fixing	VCID-vppv-uve4-bqbx	https://security-tracker.debian.org/tracker/data/json	38.1.0