141 matches found
AZL-9960 CVE-2021-46823 affecting package python-ldap for versions less than 3.4.0-1
python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this...
DEBIAN-CVE-2021-46823
python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this...
CVE-2021-46823
python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this...
UBUNTU-CVE-2021-46823
python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this...
CVE-2021-46823
python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this...
CVE-2021-46823
python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this...
CVE-2021-46823
python-ldap before 3.4.0 is vulnerable to a denial of service when ldap.schema is used for untrusted schema definitions, because of a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this...
CVE-2021-46823
CVE-2021-46823 affects python-ldap prior to 3.4.0. The vulnerability is a ReDoS in the LDAP schema parser when ldap.schema processes untrusted definitions, enabling a remote authenticated attacker to cause a denial of service. Public references in the provided documents consistently tie this to p...
Regular Expression Denial Of Service (ReDoS)
python-ldap is vulnerable to regular expression denial of service attacks. The vulnerability exists in ldap.schema package which allows an attacker to parse malicious strings to LDAP schema which causes a ReDoS attack...
anomalydetection (=0.0.0.dev1), csh-ldap (>=2.2.1.dev6 <=2.3.1.dev4) +12 more potentially affected by CVE-2021-46823 via python-ldap (>=2.4.19 <=3.3.1)
python-ldap PYPI version =2.4.19, =2.2.1.dev6, =0.0.2, =0.4.4, =1.0.0, =0.0.0, =1.0.0, =1.1.7, =0.4.4, =0.0.1, =1.3.3, =0.8.0, =0.9.2 Source cves: CVE-2021-46823 Source advisory: OSV:GHSA-R8WQ-QRXC-HMCM...
GHSA-R8WQ-QRXC-HMCM ReDoS in LDAP schema parser
https://github.com/python-ldap/python-ldap/issues/424 Impact: The LDAP schema parser of python-ldap 3.3.1 and earlier is vulnerable to a regular expression denial-of-service attack. The issue affects clients that use the ldap.schema package to parse LDAP schema definitions from an untrusted source...
ReDoS in LDAP schema parser
https://github.com/python-ldap/python-ldap/issues/424 Impact: The LDAP schema parser of python-ldap 3.3.1 and earlier is vulnerable to a regular expression denial-of-service attack. The issue affects clients that use the ldap.schema package to parse LDAP schema definitions from an untrusted source...
PT-2021-24339 · Unknown +3 · Python-Ldap +3
Name of the Vulnerable Software and Affected Versions: python-ldap versions prior to 3.4.0. Description: The issue is related to a regular expression denial of service (ReDoS) flaw in the LDAP schema parser. By sending crafted regex input, a remote authenticated attacker could exploit this...
python-ldap bug fix and enhancement update
An update is available for python-ldap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...
python-ldap bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
GitHub Security Lab: [Python] CWE-522: Insecure LDAP Authentication
This bug was reported directly to GitHub Security Lab...
python-ldap bug fix and enhancement update
The python-ldap packages provide an object-oriented API for working with LDAP within Python programs. It allows access to LDAP directory servers by using the OpenLDAP 2.x libraries, and contains modules for other LDAP-related tasks including processing LDIF, LDAPURLs, LDAPv3 schema, etc. Bug Fix...
python-ldap bug fix and enhancement update
An update is available for python-ldap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The python-ldap packages provide an object-oriented API for working with...
python-ldap bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
python-ldap bug fix and enhancement update
An update is available for python-ldap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...