Astra Linux - уязвимость в openldap

An integer underflow was discovered in OpenLDAP before version 2.4.57. This issue led to a crash in the slapd process during the Certificate List Exact Assertion processing, resulting in a denial of service...

PT-2026-39244

Name of the Vulnerable Software and Affected Versions Gitsign versions 0.4.0 through 0.14.x Description In the CertVerifier.Verify function within pkg/git/verifier.go, the software unconditionally dereferences the first element of a certificate slice certs0 after calling sd.GetCertificates withou...

JLSEC-2026-170

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service...

CVE-2026-28388

Issue summary: When a delta CRL that contains a Delta CRL Indicator extension is processed a NULL pointer dereference might happen if the required CRL Number extension is missing. Impact summary: A NULL pointer dereference can trigger a crash which leads to a Denial of Service for an application...

MiracleLinux 7 : openldap-2.4.44-25.el7 (AXSA:2022-3084:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3084:01 advisory. openldap: assertion failure in Certificate List syntax validation CVE-2020-25709 openldap: assertion failure in CSN normalization with invalid input...

USN-7698-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36221 It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...

USN-7698-1 openldap vulnerabilities

It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36221 It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...

MAL-2025-22012 Malicious code in gsf.certificate-list (npm)

The package gsf.certificate-list was found to contain malicious code...

Diamond Sleet supply chain compromise distributes a modified CyberLink installer

Microsoft Threat Intelligence has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet ZINC involving a malicious variant of an application developed by CyberLink Corp., a software company that develops multimedia software products. This malicious file is a legitima...

SUSE CVE-2020-36228

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service...

openldap security update

CentOS Errata and Security Advisory CESA-2022:0621 An update for openldap is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Scientific Linux Security Update : openldap on SL7.x i686/x86_64 (2022:0621)

The remote Scientific Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the SLSA-2022:0621-1 advisory. - openldap: assertion failure in Certificate List syntax validation CVE-2020-25709 - openldap: assertion failure in CSN normalization with invali...

openldap security update

2.4.44-25 - Fix CVE-2020-25709 openldap: assertion failure in Certificate List syntax validation 2040539 - Fix CVE-2020-25710 openldap: assertion failure in CSN normalization with invalid input 2040538...

Moderate: Red Hat Security Advisory: openldap security update

An update for openldap is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

openldap: assertion failure in Certificate List syntax validation

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability...

RHEL 7 : openldap (RHSA-2022:0621)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0621 advisory. OpenLDAP is an open-source suite of Lightweight Directory Access Protocol LDAP applications and development tools. LDAP is a set of protocol...

OESA-2021-1062 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

Debian DLA-2574-1 : openldap security update

A vulnerability in the Certificate List Exact Assertion validation was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can take advantage of this flaw to cause a denial of service slapd daemon crash via specially craft...

[SECURITY] [DSA 4860-1] openldap security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4860-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 20, 2021 https://www.debian.org/security/faq -...

EulerOS 2.0 SP9 : openldap (EulerOS-SA-2021-1250)

According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resultin...