VYPR

Slapi Nis

by Red Hat

CVEs (2)

  • CVE-2021-3480May 20, 2021
    risk 0.00cvss epss 0.02

    A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the Binding DN could allow an unauthenticated attacker to crash the 389-ds-base directory server. The highest threat from this vulnerability is to system availability.

  • CVE-2015-0283Mar 30, 2015
    risk 0.00cvss epss 0.03

    The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request for a (1) group with a large number of members or (2) user that…