rpm package
suse/389-ds&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
pkg:rpm/suse/389-ds&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-5953 | Med | 5.7 | < 2.0.20~git9.5e2d637c-150400.3.42.3 | 2.0.20~git9.5e2d637c-150400.3.42.3 | Jun 18, 2024 | A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password. | |
| CVE-2024-3657 | Hig | 7.5 | < 2.0.20~git9.5e2d637c-150400.3.42.3 | 2.0.20~git9.5e2d637c-150400.3.42.3 | May 28, 2024 | A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service | |
| CVE-2024-2199 | Med | 5.7 | < 2.0.20~git9.5e2d637c-150400.3.42.3 | 2.0.20~git9.5e2d637c-150400.3.42.3 | May 28, 2024 | A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input. | |
| CVE-2024-1062 | — | < 2.0.20~git9.5e2d637c-150400.3.42.3 | 2.0.20~git9.5e2d637c-150400.3.42.3 | Feb 12, 2024 | A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr. |
- affected < 2.0.20~git9.5e2d637c-150400.3.42.3fixed 2.0.20~git9.5e2d637c-150400.3.42.3
A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.
- affected < 2.0.20~git9.5e2d637c-150400.3.42.3fixed 2.0.20~git9.5e2d637c-150400.3.42.3
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
- affected < 2.0.20~git9.5e2d637c-150400.3.42.3fixed 2.0.20~git9.5e2d637c-150400.3.42.3
A denial of service vulnerability was found in 389-ds-base ldap server. This issue may allow an authenticated user to cause a server crash while modifying `userPassword` using malformed input.
- CVE-2024-1062Feb 12, 2024affected < 2.0.20~git9.5e2d637c-150400.3.42.3fixed 2.0.20~git9.5e2d637c-150400.3.42.3
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.