Security update for ovmf (important)

openSUSE security update: security update for ovmf ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20875-1 Rating: important References: bsc1261469 bsc1261476 bsc1261477 bsc1261478 Cross-References: CVE-2026-25833 CVE-2026-25834 CVE-2026-25835...

Unity Linux 20.1060e / 20.1070e Security Update: openldap (UTSA-2026-017568)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017568 advisory. A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of...

JLSEC-2026-171

A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in denial of service...

JLSEC-2026-172

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...

SUSE CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

EUVD-2026-18003

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

DEBIAN-CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

UBUNTU-CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

PT-2026-29587

Name of the Vulnerable Software and Affected Versions Mbed TLS versions through 3.6.5 and 4.0.0 Description A flaw exists in the distinguished name parsing functionality, leading to a NULL pointer dereference. This can allow an attacker to write to address 0. Recommendations Update to a version...

CVE-2026-34874

Mbed TLS versions affected: up to 3.6.5 and 4.x up to 4.0.0. The issue is a NULL pointer dereference in distinguished name parsing that can allow writing to address 0. This is a concrete vulnerability detail (affected component and root cause) and is described in both the CVE records and CVE List...

CVE-2026-34874

An issue was discovered in Mbed TLS through 3.6.5 and 4.x through 4.0.0. There is a NULL pointer dereference in distinguished name parsing that allows an attacker to write to address 0...

USN-7713-1: OpenLDAP vulnerabilities

It was discovered that OpenLDAP incorrectly handled X.509 DN parsing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36229, CVE-2020-36230 Pasi Saarinen discovered that OpenLDAP incorrectly handled certain short timestamps. A...

USN-7713-1 openldap vulnerabilities

It was discovered that OpenLDAP incorrectly handled X.509 DN parsing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36229, CVE-2020-36230 Pasi Saarinen discovered that OpenLDAP incorrectly handled certain short timestamps. A...

SUSE CVE-2020-36229

A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in adkeystring, resulting in denial of service...

OESA-2021-1062 openldap security update

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

USN-4724-1 openldap vulnerabilities

It was discovered that OpenLDAP incorrectly handled Certificate Exact Assertion processing. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. CVE-2020-36221 It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing. A...

OpenLDAP 安全漏洞

OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol LDAP. A slapd security vulnerability exists in the X.509 DN parsing of decode.c bernextelement in OpenLDAP versions prior to 2.4.57. An attacker could exploit this vulnerability to cause a denial of servic...

Randombit Botan Library X509 Certificate Validation Bypass Vulnerability(CVE-2017-2801)

Summary A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially crafted X509 certificate would need to be delivered to the client or server application in...