Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-1062 | 2 Fedoraproject, Redhat | 13 Fedora, 389 Directory Server, Directory Server and 10 more | 2024-10-10 | N/A | 5.5 MEDIUM |
| A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr. | |||||
| CVE-2024-6237 | 1 Redhat | 3 389 Directory Server, Directory Server, Enterprise Linux | 2024-08-29 | N/A | 6.5 MEDIUM |
| A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service. | |||||
| CVE-2022-0996 | 2 Fedoraproject, Redhat | 3 Fedora, 389 Directory Server, Enterprise Linux | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication. | |||||
| CVE-2021-3514 | 1 Redhat | 1 389 Directory Server | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| When using a sync_repl client in 389-ds-base, an authenticated attacker can cause a NULL pointer dereference using a specially crafted query, causing a crash. | |||||
| CVE-2020-35518 | 1 Redhat | 3 389 Directory Server, Directory Server, Enterprise Linux | 2024-02-04 | 5.0 MEDIUM | 5.3 MEDIUM |
| When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database. | |||||
| CVE-2010-2222 | 1 Redhat | 2 389 Directory Server, Directory Server | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows attackers to cause a denial of service (NULL pointer dereference) via a crafted search query. | |||||
| CVE-2018-10935 | 1 Redhat | 1 389 Directory Server | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server side sort. | |||||