Description

A vulnerability was determined in opsre go-ldap-admin up to 20251011. This issue affects some unknown processing of the file docs/docker-compose/docker-compose.yaml of the component JWT Handler. Executing manipulation of the argument secret key can lead to use of hard-coded cryptographic key . The attack can be launched remotely. Attacks of this nature are highly complex. The exploitability is assessed as difficult. The exploit has been publicly disclosed and may be utilized.

INFO

Published Date :

2025-12-03T14:32:07.380Z

Last Modified :

2025-12-03T21:24:31.989Z

Source :

VulDB
AFFECTED PRODUCTS

The following products are affected by CVE-2025-13948 vulnerability.

Vendors Products
Opsre
  • Go-ldap-admin
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-13948.

URL Resource
https://gist.github.com/H2u8s/a51ac1fe38d62746d1425b70ff49420c cve-icon cve-icon
https://vuldb.com/?ctiid.334163 cve-icon cve-icon
https://vuldb.com/?id.334163 cve-icon cve-icon
https://vuldb.com/?submit.692213 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Detailed values of each vector for above chart.
Access Vector
Access Complexity
Authentication
Confidentiality Impact
Integrity Impact
Availability Impact