VYPR

rpm package

suse/389-ds&distro=SUSE Linux Enterprise Module for Server Applications 15 SP7

pkg:rpm/suse/389-ds&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP7

Vulnerabilities (2)

  • CVE-2026-9064 | Hig | May 20, 2026
    affected < 2.7.0~git193.9ab79d496-150700.3.16.1 | fixed 2.7.0~git193.9ab79d496-150700.3.16.1

    A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of controls per LDAP message. A remote, unauthenticated attacker can send a specially crafted LDAP request containing hundreds of thousand

  • CVE-2025-14905 | Hig | Feb 23, 2026
    affected < 2.7.0~git144.f597a91d8-150700.3.13.1 | fixed 2.7.0~git144.f597a91d8-150700.3.13.1

    A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. This occurs because the code incorrectly calculates the buffer size by summing alias string lengths without accounting f