{"id":"CVE-2021-3309","details":"packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store,","modified":"2026-04-10T04:33:27.907749Z","published":"2021-01-26T21:15:13.063Z","references":[{"type":"ADVISORY","url":"https://github.com/wekan/wekan/releases/tag/v4.87"},{"type":"REPORT","url":"https://github.com/wekan/wekan/issues/3482"},{"type":"FIX","url":"https://github.com/wekan/wekan/pull/3483/commits/31f89121fecca5a761b05cc3a26d4f237e90b484"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/wekan/wekan","events":[{"introduced":"0"},{"fixed":"ac020a401f68144acba465580d971b66b7d821aa"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.87"}]}}],"versions":["4.30","4.31","v0.10-rc2","v0.10.0","v0.10.0-rc1","v0.10.0-rc3","v0.10.0-rc4","v0.11.0-rc1","v0.11.0-rc2","v0.11.1-rc1","v0.11.1-rc2","v0.12","v0.13","v0.16","v0.17","v0.18","v0.19","v0.20","v0.21","v0.22","v0.23","v0.24","v0.25","v0.26","v0.27","v0.28","v0.29","v0.30","v0.31","v0.32","v0.33","v0.34","v0.35","v0.36","v0.37","v0.38","v0.39","v0.40","v0.41","v0.42","v0.43","v0.44","v0.45","v0.46","v0.47","v0.48","v0.49","v0.50","v0.51","v0.52","v0.54","v0.55","v0.56","v0.57","v0.58","v0.59","v0.60","v0.61","v0.62","v0.63","v0.65","v0.66","v0.67","v0.68","v0.69","v0.70","v0.71","v0.72","v0.73","v0.74","v0.75","v0.76","v0.77","v0.78","v0.79","v0.80","v0.81","v0.82","v0.83","v0.84","v0.85","v0.86","v0.87","v0.88","v0.89","v0.9.0-rc1","v0.9.0-rc2","v0.90","v0.91","v0.92","v0.93","v0.94","v0.95","v1.06","v1.07","v1.08","v1.09","v1.10","v1.11","v1.12","v1.13","v1.14","v1.15","v1.16","v1.17","v1.18","v1.19","v1.20","v1.21","v1.23","v1.24","v1.25","v1.26","v1.27","v1.29","v1.30","v1.31","v1.32","v1.33","v1.34","v1.35","v1.36","v1.37","v1.38","v1.39","v1.40","v1.41","v1.42","v1.43","v1.44","v1.45","v1.46","v1.47","v1.49-edge-1","v1.49.1","v1.50.1","v1.50.2","v1.50.3","v1.51.1","v1.51.2","v1.52.1","v1.53.1","v1.53.2","v1.53.3","v1.53.4","v1.53.5","v1.53.6","v1.53.7","v1.53.8","v1.53.9","v1.55.1","v1.57","v1.58","v1.59","v1.60","v1.61","v1.62","v1.63","v1.64","v1.64.1","v1.64.2","v1.65","v1.66","v1.67","v1.68","v1.69","v1.69.2","v2.60.1","v2.94","v2.98","v2.99","v3.00","v3.01","v3.02","v3.03","v3.04","v3.05","v3.06","v3.07","v3.08","v3.09","v3.10","v3.11","v3.12","v3.13","v3.14","v3.15","v3.16","v3.17","v3.18","v3.19","v3.20","v3.21","v3.22","v3.23","v3.24","v3.25","v3.26","v3.27","v3.29","v3.30","v3.31","v3.32","v3.33","v3.34","v3.35","v3.36","v3.37","v3.38","v3.39","v3.40","v3.41","v3.42","v3.43","v3.44","v3.45","v3.46","v3.47","v3.48","v3.49","v3.50","v3.51","v3.52","v3.53","v3.54","v3.55","v3.56","v3.57","v3.58","v3.59","v3.60","v3.61","v3.62","v3.63","v3.64","v3.65","v3.66","v3.67","v3.68","v3.69","v3.70","v3.71","v3.73","v3.74","v3.75","v3.76","v3.77","v3.78","v3.79","v3.80","v3.81","v3.82","v3.83","v3.84","v3.85","v3.86","v3.87","v3.88","v3.89","v3.90","v3.91","v3.92","v3.93","v3.94","v3.95","v3.96","v3.97","v3.98","v3.99","v4.00","v4.01","v4.02","v4.03","v4.04","v4.05","v4.06","v4.07","v4.08","v4.09","v4.10","v4.11","v4.12","v4.13","v4.14","v4.15","v4.16","v4.17","v4.18","v4.19","v4.20","v4.21","v4.22","v4.23","v4.24","v4.25","v4.26","v4.27","v4.28","v4.29","v4.32","v4.33","v4.34","v4.35","v4.36","v4.37","v4.38","v4.39","v4.40","v4.41","v4.42","v4.43","v4.44","v4.45","v4.46","v4.47","v4.48","v4.49","v4.50","v4.51","v4.52","v4.53","v4.54","v4.55","v4.56","v4.57","v4.58","v4.59","v4.60","v4.61","v4.62","v4.63","v4.64","v4.65","v4.66","v4.67","v4.68","v4.69","v4.70","v4.71","v4.72","v4.73","v4.74","v4.75","v4.76","v4.77","v4.78","v4.79","v4.80","v4.81","v4.82","v4.83","v4.84","v4.85","v4.86"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-3309.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}