4 matches found
CVE-2026-11791 389-ds-base: 389-ds-base: use-after-free in schema reload via attr_syntax_swap_ht()
A flaw was found in 389 Directory Server. During schema reload, the attrsyntaxswapht function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsystem. If an administrator triggers schema reload while...
EUVD-2026-37902
A flaw was found in 389 Directory Server. During schema reload, the attrsyntaxswapht function unconditionally frees attribute syntax information nodes, bypassing the refcount-based deferred deletion used elsewhere in the attribute syntax subsystem. If an administrator triggers schema reload while...
PT-2026-50687
Name of the Vulnerable Software and Affected Versions 389 Directory Server affected versions not specified Description A flaw exists during schema reload where the attr syntax swap ht function unconditionally frees attribute syntax information nodes. This action bypasses the refcount-based deferr...
Twig: Arbitrary PHP code execution via `_self.(<string>)` macro-reference compilation
Description The obj.expr dynamic-attribute syntax added in 3.15.0 as the replacement for the deprecated attribute function lets the attribute be an arbitrary expression. When the receiver is self or any % import % alias and the parenthesised expression is a string literal, DotExpressionParser...