Jinwoo Hwang created GEODE-10592:
------------------------------------
Summary: Remediation of CVE-2026-40984
Key: GEODE-10592
URL: https://issues.apache.org/jira/browse/GEODE-10592
Project: Geode
Issue Type: Improvement
Reporter: Jinwoo Hwang
Assignee: Jinwoo Hwang
Affected versions of this package are vulnerable to LDAP Injection in the
`DefaultLdapRealm` class. An attacker can bypass authentication or impersonate
other users by injecting LDAP special characters into the Distinguished Name
(DN) construction during LDAP bind authentication.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)