141 matches found
anomalydetection (=0.0.0.dev1), athiruma-cloud-governance (>=1.1.89 <=1.1.345) +26 more potentially affected by CVE-2025-61911 via python-ldap (>=3.0.0 <=3.4.4)
python-ldap PYPI version =3.0.0, =1.1.89, =3.1.2, =3.7.1, =1.0.426, =2.2.1.dev6, =0.4.4, =1.0.0, =0.0.0, =1.1.0, =3.7.0, =1.0.0, =1.1.7, =1.8.4 and more Source cves: CVE-2025-61911 Source advisory: SNYK:PYTHON-PYTHONLDAP-13535079...
anomalydetection (=0.0.0.dev1), athiruma-cloud-governance (>=1.1.89 <=1.1.345) +28 more potentially affected by CVE-2025-61911 via python-ldap (>=2.4.19 <=3.4.4)
python-ldap PYPI version =2.4.19, =1.1.89, =3.1.2, =3.7.1, =1.0.426, =2.2.1.dev6, =0.0.2, =0.4.4, =1.0.0, =0.0.0, =1.1.0, =3.7.0, =3.8.0 and more Source cves: CVE-2025-61911 Source advisory: OSV:GHSA-R7R6-CC7P-4V5M...
DEBIAN-CVE-2025-61911
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
AZL-68433 CVE-2025-61912 affecting package python-ldap 3.4.4-1
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to...
AZL-68430 CVE-2025-61911 affecting package python-ldap 3.4.4-1
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
AZL-68451 CVE-2025-61911 affecting package python-ldap 3.4.0-1
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
UBUNTU-CVE-2025-61911
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
CVE-2025-61912
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to...
CVE-2025-61912 python-ldap Vulnerable to Improper Encoding or Escaping of Output and Improper Null Termination
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to...
EUVD-2025-33796
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, ldap.dn.escapednchars escapes \x00 incorrectly by emitting a backslash followed by a literal NUL byte instead of the RFC-4514 hex form \00. Any application that uses this helper to...
CVE-2025-61912
CVE-2025-61912 concerns python-ldap prior to 3.4.5, where ldap.dn.escape_dn_chars() escapes the NUL byte as a backslash-NUL instead of the RFC‑4514 form \00. This can cause client-side denial of service when untrusted input is used to construct DNs, as requests may be dropped before contacting an...
CVE-2025-61911
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
CVE-2025-61911 python-ldap has sanitization bypass in ldap.filter.escape_filter_chars
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
CVE-2025-61911 python-ldap has sanitization bypass in ldap.filter.escape_filter_chars
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
CVE-2025-61911
python-ldap is a lightweight directory access protocol LDAP client API for Python. In versions prior to 3.4.5, the sanitization method ldap.filter.escapefilterchars can be tricked to skip escaping of special characters when a crafted list or dict is supplied as the assertionvalue parameter, and t...
CVE-2025-61911
creationtimestamp| type| source ---|---|--- 2025-10-10 20:48:29+00:00| published-proof-of-concept| https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r7r6-cc7p-4v5m...
CVE-2025-61912
creationtimestamp| type| source ---|---|--- 2025-10-10 20:48:19+00:00| published-proof-of-concept| https://github.com/python-ldap/python-ldap/security/advisories/GHSA-p34h-wq7j-h5v6...
PT-2025-41609
Name of the Vulnerable Software and Affected Versions python-ldap versions prior to 3.4.5 Description The ldap.filter.escape filter chars method in python-ldap can be exploited to bypass character escaping when a crafted list or dict is provided as the assertion value parameter, and escape mode i...
python-ldap 安全漏洞
python-ldap is a python foundation LDAP client API for Python. A security vulnerability exists in python-ldap versions prior to 3.4.5, which stems from the ldap.dn.escapednchars function incorrectly escaping x00, which could lead to a client denial of service...
PT-2025-41610
Name of the Vulnerable Software and Affected Versions python-ldap versions prior to 3.4.5 Description python-ldap is a lightweight directory access protocol LDAP client API for Python. The ldap.dn.escape dn chars function incorrectly escapes x00 by emitting a backslash followed by a literal NUL...