VYPR

PyPI package

python-ldap

pkg:pypi/python-ldap

Vulnerabilities (3)

  • CVE-2025-61912Oct 10, 2025
    affected < 3.4.5fixed 3.4.5

    python-ldap is a lightweight directory access protocol (LDAP) client API for Python. In versions prior to 3.4.5, ldap.dn.escape_dn_chars() escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that us

  • CVE-2025-61911Oct 10, 2025
    affected < 3.4.5fixed 3.4.5

    python-ldap is a lightweight directory access protocol (LDAP) client API for Python. In versions prior to 3.4.5, the sanitization method `ldap.filter.escape_filter_chars` can be tricked to skip escaping of special characters when a crafted `list` or `dict` is supplied as the `ass

  • CVE-2021-46823Jun 18, 2022
    affected < 3.4.0fixed 3.4.0

    python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could