rpm package
opensuse/openldap2&distro=openSUSE Leap 15.0
pkg:rpm/opensuse/openldap2&distro=openSUSE%20Leap%2015.0
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-13565 | — | < 2.4.46-lp150.13.1 | 2.4.46-lp150.13.1 | Jul 26, 2019 | An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covere | ||
| CVE-2019-13057 | — | < 2.4.46-lp150.13.1 | 2.4.46-lp150.13.1 | Jul 26, 2019 | An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from reque | ||
| CVE-2017-17740 | Hig | 7.5 | < 2.4.46-lp150.13.1 | 2.4.46-lp150.13.1 | Dec 18, 2017 | contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN ope |
- CVE-2019-13565Jul 26, 2019affected < 2.4.46-lp150.13.1fixed 2.4.46-lp150.13.1
An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covere
- CVE-2019-13057Jul 26, 2019affected < 2.4.46-lp150.13.1fixed 2.4.46-lp150.13.1
An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from reque
- affected < 2.4.46-lp150.13.1fixed 2.4.46-lp150.13.1
contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN ope