{"id":"CVE-2025-59518","details":"In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can occur in the Safe jail: _ is not localized during rule evaluation. As a result, an administrator who can edit a rule evaluated by the Safe jail can execute commands on the server.","modified":"2026-04-10T05:32:06.938514Z","published":"2025-09-17T04:16:12.527Z","references":[{"type":"REPORT","url":"https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/3462"},{"type":"FIX","url":"https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/commit/228d01945d48015f3f9ea8a8dc64d7e6a27750e9"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng","events":[{"introduced":"0"},{"fixed":"6f888e84213c1819e7b8924dd50875246b9654a4"},{"introduced":"90a97ab1d90f1d32eaf56d0e4f3a72ca7cb40877"},{"last_affected":"1421ad73acd3ee3b018db400195611de80dd4b60"},{"introduced":"0"},{"fixed":"a592316cbec75e48c34a6d77008643caa0e14aaa"},{"fixed":"228d01945d48015f3f9ea8a8dc64d7e6a27750e9"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.16.7"},{"introduced":"2.17"},{"last_affected":"2.21"},{"introduced":"0"},{"fixed":"2.21.3"}]}}],"versions":["debian/bookworm","debian/bullseye","debian/buster","ubuntu/disco","ubuntu/focal","ubuntu/groovy","ubuntu/hirsute","ubuntu/jammy","v2.0.0","v2.0.1","v2.0.10","v2.0.11","v2.0.12","v2.0.13","v2.0.14","v2.0.15","v2.0.15.1","v2.0.2","v2.0.3","v2.0.4","v2.0.6","v2.0.7","v2.0.8","v2.0.9","v2.16.1","v2.16.2","v2.16.3","v2.16.4","v2.16.5","v2.16.6","v2.17.0","v2.18.0","v2.18.1","v2.19.0","v2.20.0","v2.21.0","v2.21.1","v2.21.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-59518.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H"}]}