On April 9, 2022, a number of security vulnerabilities in the NGINX LDAP (NGINX LDAP reference implementation) were publicly notified.
We should mention that only the reference implementation process is affected. NGINX Open Source and NGINX Plus are not affected by themselves and no remediation is required energy if you are not using the reference implementation feature.
The NGINX LDAP reference implementation uses the Lightweight Directory Access Protocol (LDAP) to authenticate applications mediated by NGINX.
The exploit was published as a Python daemon and contains the relevant settings of NGINX at the address https://github.com/nginxinc/nginx-ldap-auth. The purpose and settings of the script are described in detail on its blog Nginx.
The same blog mentions various LDAP reference implementations that are affected by security vulnerabilities. Take a look at whether any of the conditions listed apply. In addition to the references to the conditions you will also find how to mitigate them.