Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openldap
(Openldap)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 59 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-26 | CVE-2020-36225 | A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. | Macos, Debian_linux, Openldap | 7.5 | ||
| 2021-01-26 | CVE-2020-36226 | A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. | Mac_os_x, Macos, Debian_linux, Openldap | 7.5 | ||
| 2021-01-26 | CVE-2020-36227 | A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. | Macos, Debian_linux, Openldap | 7.5 | ||
| 2021-01-26 | CVE-2020-36228 | An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service. | Macos, Debian_linux, Openldap | 7.5 | ||
| 2021-01-26 | CVE-2020-36229 | A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. | Mac_os_x, Macos, Debian_linux, Openldap | 7.5 | ||
| 2021-01-26 | CVE-2020-36230 | A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. | Bookkeeper, Mac_os_x, Macos, Debian_linux, Openldap | 7.5 | ||
| 2021-02-14 | CVE-2021-27212 | In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. | Debian_linux, Openldap | 7.5 | ||
| 2021-05-18 | CVE-2020-25709 | A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability. | Mac_os_x, Macos, Debian_linux, Openldap, Jboss_core_services | 7.5 | ||
| 2021-05-28 | CVE-2020-25710 | A flaw was found in OpenLDAP in versions before 2.4.56. This flaw allows an attacker who sends a malicious packet processed by OpenLDAP to force a failed assertion in csnNormalize23(). The highest threat from this vulnerability is to system availability. | Debian_linux, Fedora, Openldap, Enterprise_linux, Jboss_core_services, Jboss_enterprise_application_platform, Jboss_enterprise_web_server | 7.5 | ||
| 2023-05-30 | CVE-2023-2953 | A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function. | Macos, Active_iq_unified_manager, Clustered_data_ontap, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H700s_firmware, Ontap_tools, Openldap, Enterprise_linux | 7.5 |