cvedb.io
CVE-2021-3309
HIGH · CVSS 8.1
EPSS exploitation probability: 0%
Published 2021-01-26T21:15:13.063 · Last modified 2026-06-17T04:04:54.983

Summary

packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store,

Affected products

wekan_project — wekan

Does this affect you?

Add your gear to cvedb and we'll alert you only when wekan_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.