rpm package
suse/openldap2&distro=SUSE Enterprise Storage 5
pkg:rpm/suse/openldap2&distro=SUSE%20Enterprise%20Storage%205
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-25692 | Hig | 7.5 | < 2.4.41-18.77.1 | 2.4.41-18.77.1 | Dec 8, 2020 | A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. | |
| CVE-2020-8023 | Hig | 7.7 | < 2.4.41-18.71.2 | 2.4.41-18.71.2 | Sep 1, 2020 | A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterpri | |
| CVE-2020-12243 | Hig | 7.5 | < 2.4.41-18.68.1 | 2.4.41-18.68.1 | Apr 28, 2020 | In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash). |
- affected < 2.4.41-18.77.1fixed 2.4.41-18.77.1
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service.
- affected < 2.4.41-18.71.2fixed 2.4.41-18.71.2
A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterpri
- affected < 2.4.41-18.68.1fixed 2.4.41-18.68.1
In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service (daemon crash).