Control: tags -1 + confirmed On Sun, 2022-09-11 at 15:13 +0200, Yadd wrote: > lemonldap-ng before version 2.0.15 has an issue that may maintain > a session active on a Lemonldap::NG's handler if user has a > continuous > activity on this handler after session expiration or deletion > (CVE-2022-37186), if and only if user activity is tracked by handlers > (disabled by defaut) >
Please go ahead. Regards, Adam
