17 matches found
CLSA-2026-1777051819 openldap: Fix of 2 CVEs
CVE-2022-29155: fix a SQL injection vulnerability in the back-sql backend to slapd - CVE-2021-27212: fix denial of service daemon exit via a short timestamp if slapd is used...
Linux Distros Unpatched Vulnerability : CVE-2022-29155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement...
Amazon Linux 2 : openldap (ALAS-2023-1958)
The version of openldap installed on the remote host is prior to 2.4.44-23. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1958 advisory. In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend ...
Amazon Linux AMI : openldap (ALAS-2023-1691)
The version of openldap installed on the remote host is prior to 2.4.40-16.32. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1691 advisory. In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backen...
Critical: openldap
Issue Overview: In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of...
SUSE CVE-2022-29155
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...
EulerOS Virtualization 3.0.6.6 : openldap (EulerOS-SA-2022-2523)
According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend...
EulerOS Virtualization 2.9.1 : openldap (EulerOS-SA-2022-2358)
According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend...
EulerOS Virtualization 2.10.1 : openldap (EulerOS-SA-2022-2116)
According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend...
Critical: openldap
Issue Overview: In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of...
USN-5424-1 openldap vulnerability
It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database...
SUSE SLES12 Security Update : openldap2 (SUSE-SU-2022:1685-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1685-1 advisory. - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd,...
Vulnerability fixed in OpenLDAP
A vulnerability has been fixed in OpenLDAP. The vulnerability allows a malicious person to perform an SQL injection. The is a vulnerability in the back-sql backend. This backend is no longer actively supported but is still available in OpenLDAP. The developers of OpenLDAP have released updates to...
DEBIAN-CVE-2022-29155
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...
AZL-9672 CVE-2022-29155 affecting package openldap for versions less than 2.4.57-7
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...
ALPINE-CVE-2022-29155
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...
CVE-2022-29155
In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via a SQL statement within an LDAP query. This can occur during an LDAP search operation when the search filter is processed, due to a lack of proper escaping...