rpm package
suse/389-ds&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
pkg:rpm/suse/389-ds&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-5953 | Med | 5.7 | < 1.4.4.20~git3.e7ac6d87-150300.3.35.1 | 1.4.4.20~git3.e7ac6d87-150300.3.35.1 | Jun 18, 2024 | A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password. | |
| CVE-2024-3657 | Hig | 7.5 | < 1.4.4.20~git3.e7ac6d87-150300.3.35.1 | 1.4.4.20~git3.e7ac6d87-150300.3.35.1 | May 28, 2024 | A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service | |
| CVE-2024-2199 | Med | 5.7 | < 1.4.4.20~git3.e7ac6d87-150300.3.35.1 | 1.4.4.20~git3.e7ac6d87-150300.3.35.1 | May 28, 2024 | A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input. |
- affected < 1.4.4.20~git3.e7ac6d87-150300.3.35.1fixed 1.4.4.20~git3.e7ac6d87-150300.3.35.1
A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.
- affected < 1.4.4.20~git3.e7ac6d87-150300.3.35.1fixed 1.4.4.20~git3.e7ac6d87-150300.3.35.1
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
- affected < 1.4.4.20~git3.e7ac6d87-150300.3.35.1fixed 1.4.4.20~git3.e7ac6d87-150300.3.35.1
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.