rpm package
opensuse/389-ds&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/389-ds&distro=openSUSE%20Leap%2015.5
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-5953 | Med | 5.7 | < 2.2.10~git2.345056d3-150500.3.21.1 | 2.2.10~git2.345056d3-150500.3.21.1 | Jun 18, 2024 | A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password. | |
| CVE-2024-3657 | Hig | 7.5 | < 2.2.10~git2.345056d3-150500.3.21.1 | 2.2.10~git2.345056d3-150500.3.21.1 | May 28, 2024 | A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service | |
| CVE-2024-2199 | Med | 5.7 | < 2.2.10~git2.345056d3-150500.3.21.1 | 2.2.10~git2.345056d3-150500.3.21.1 | May 28, 2024 | A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input. | |
| CVE-2024-1062 | — | < 2.2.8~git65.347aae6-150500.3.17.1 | 2.2.8~git65.347aae6-150500.3.17.1 | Feb 12, 2024 | A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr. |
- affected < 2.2.10~git2.345056d3-150500.3.21.1fixed 2.2.10~git2.345056d3-150500.3.21.1
A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.
- affected < 2.2.10~git2.345056d3-150500.3.21.1fixed 2.2.10~git2.345056d3-150500.3.21.1
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
- affected < 2.2.10~git2.345056d3-150500.3.21.1fixed 2.2.10~git2.345056d3-150500.3.21.1
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.
- CVE-2024-1062Feb 12, 2024affected < 2.2.8~git65.347aae6-150500.3.17.1fixed 2.2.8~git65.347aae6-150500.3.17.1
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.